Chinese hackers have been targeting various important networks in the United States since at least mid-2021, aiming at key sectors such as telecommunications and transportation. This information comes from Microsoft and several cybersecurity agencies from the Five Eyes alliance, a group of countries that cooperate on intelligence matters.
Microsoft revealed on Wednesday that this cyber espionage activity is carried out by a group called Volt Typhoon, which operates under the sponsorship of the Chinese government. Their main goal is to gather sensitive information by spying on their targets.
Moreover, Microsoft further explained that Volt Typhoon’s objective is to conduct espionage and maintain access to the networks for as long as possible without being detected.
Their ultimate aim seems to be gaining the capability to disrupt vital communication infrastructure between the United States and the Asian region during future crises.
The impact of these attacks is significant, affecting numerous critical sectors in the United States, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education.
Microsoft Threat Intelligence:
"Volt Typhoon, a Chinese state-sponsored actor, uses living-off-the-land (LotL) and hands-on-keyboard TTPs to evade detection and persist in an espionage campaign targeting critical infrastructure organizations in Guam and the rest of the United… pic.twitter.com/Wbia5UZ43O
— Lokman Karadag 盧克曼 (@LokmanKaradag1) May 25, 2023
Targeting military presence in Guam
Microsoft has highlighted that the Chinese cyber espionage group’s targets extend to various networks in Guam, a location in the western Pacific where the United States maintains a significant military presence.
These military facilities in Guam play a crucial role in addressing conflicts in the Asia-Pacific region. Additionally, Guam serves as a major hub for communication, connecting Asia and Australia to the United States through submarine cables.
Bart Hoggeveen, a senior analyst at the Australian Strategic Policy Institute, emphasized that Guam’s submarine cables make it a logical target for gathering intelligence by the ruling communist party in China.
He further explained that there is a considerable vulnerability when these cables come ashore.
Five Eyes Agencies’ response to China’s Volt Typhoon
A joint cybersecurity advisory by intelligence partners from the United States and other countries, known as Five Eyes, has raised concerns about the potential targeting of critical infrastructures abroad by China’s Volt Typhoon campaign.
This advisory involves agencies such as the U.S. National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and their counterparts from Australia, New Zealand, Canada, and Britain.
U.S. intelligence agencies became aware of a hacker group called Volt Typhoon in February and are warning industries that they may be infiltrated by using freeware or opensource software / administration tools. -Microsoft pic.twitter.com/7dD9VTwIBl
— Intel Stream (@IntelStream) May 24, 2023
CISA Director Jen Easterly said that China has been engaging in aggressive cyber operations for years, aiming to steal valuable intellectual property and sensitive data from organizations worldwide. However, this serves as a warning to remain vigilant.
Bryan Vorndran, Assistant Director of the FBI’s cyber division, described the hacking tactics used by Volt Typhoon as “unacceptable.”
The importance of taking action to prevent attackers from infiltrating critical national infrastructure systems was stressed by Paul Chichester, Director at the UK’s National Cyber Security Centre.
See all the latest news from Greece and the world at Greekreporter.com. Contact our newsroom to report an update or send your story, photos and videos. Follow GR on Google News and subscribe here to our daily email!
