Chinese Hackers ‘Spying’ on US Critical Infrastructure, Western Intelligence Says

Thu May 25 2023

WASHINGTON: According to Western intelligence agencies and Microsoft (MSFT.O), a state-sponsored Chinese hacking outfit has been spying on various US vital infrastructure companies, from telecoms to transportation hubs.

According to a report from Microsoft, the espionage has also targeted the US territory of Guam, which is home to many strategically significant American military installations, and the company warned that “mitigating this attack could be challenging.”

Analysts say that even though China and the United States frequently spy on one another, this is one of the largest known Chinese cyberespionage efforts targeting crucial American infrastructure.

The Chinese embassy in Washington did not promptly answer a Reuters request for comment.

Although the number of impacted organisations was not immediately known, the US National Security Agency (NSA) announced that it was collaborating with organisations in the UK, Canada, New Zealand, and Australia, and with the US Federal Bureau of Investigation, to find breaches. Canada, the UK, Australia, and New Zealand issued a warning that they may also be the target of the hackers.

Microsoft experts expressed “moderate confidence” that the Chinese organisation, “Volt Typhoon,” was creating tools that may compromise the vital communications networks between the United States and Asia during future crises.

John Hultquist, who oversees threat analysis at Google’s Mandiant Intelligence, said, “It means they are preparing for that possibility.”

According to him, the Chinese action is unusual and concerning in part because experts are still unsure of the potential capabilities of this organisation.

“The geopolitical environment has increased interest in this actor.”

U.S. President Joe Biden has stated he would be prepared to use force to defend Taiwan as China has increased military and diplomatic pressure in support of its claim to democratically controlled Taiwan.

If China invades Taiwan, security experts predict that Chinese hackers may attack U.S. military networks and other vital infrastructure.

Companies that manage vital infrastructure were asked by the NSA and other Western cyber agencies to spot hostile activity using the technical advice they supplied.

In a joint statement with the NSA, Paul Chichester, director of the UK’s National Cyber Security Centre, urged operators of important national infrastructure to take measures to prevent attackers from hiding on their systems.

According to Microsoft, the Chinese hacking outfit has been operating since at least 2021 and has targeted a number of sectors, including government, information technology, education, manufacturing, utilities, transportation, and marine.

The Chinese effort was utilising “built-in network tools to evade our defences and leaving no trace behind,” according to NSA cybersecurity director Rob Joyce. Such methods rely on “capabilities already built into critical infrastructure environments,” he continued, making them more difficult to identify.

Microsoft said that this organisation attacks a target’s existing systems to uncover information and retrieve data, as opposed to utilising conventional hacking approaches, which frequently entail duping a victim into downloading dangerous files.

The U.S. military maintains facilities on Guam that are essential for responding to any war in the Asia-Pacific area. Additionally, it serves as a significant communications centre for the many undersea cables that link the United States to Asia and Australia.
