Microsoft warned on Wednesday that Beijing-backed Chinese hackers are targeting critical US infrastructure and could be setting the stage for a potential disruption of US-Asian communications in future crises.
The targets include locations in Guam, the US island territory in Micronesia, where Washington has a large military presence, the computer giant said.
Hostile activity in cyberspace, from espionage to forward-positioning malware for potential future attacks, has become a hallmark of modern geopolitical rivalry, the Associated Press (AP) reported.
Microsoft highlighted, in a blog post, that the Chinese state-sponsored hacking group, Volt Typhoon, has been active since mid-2021.
The company also highlighted that the organizations affected by cyberattacks are from the communication, manufacturing, construction, public services, transportation, maritime, information technology, and education sectors.
Separately, the National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and their counterparts in Australia, New Zealand, Canada and the United Kingdom issued a joint statement sharing technical details about “group activity newly discovered.”
A Microsoft spokesperson declined to say why the software giant is now making this announcement or whether it has recently seen an increase in critical infrastructure on Guam or adjacent US military installations, which include a major airbase.
John Hultquist, chief analyst at Google’s Mandiant cybersecurity intelligence operation, called Microsoft’s announcement “a potentially important discovery.”
“We don’t see a lot of these kinds of polls from China. It’s rare,” Hultquist said.
“We know a lot about the cyber capabilities of Russia, North Korea and Iran because they have been doing it regularly,” he added.
Microsoft further noted that the hacking campaign placed a “strong emphasis on stealth” and sought to blend in with normal Internet activity by “hacking” small office equipment, including “routers.”
“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the world,” said Jen Easterly, director of CISA, calling for mitigation of affected networks to prevent potential disruptions.
Bryan Vorndran, deputy director of the FBI’s cyber division, called the intrusions “unacceptable tactics,” according to the same statement.
Tensions between Washington and Beijing, where US national security considers China its main military, economic and strategic rival, have escalated in recent months.
Tensions escalated last year after then-House Speaker Nancy Pelosi, a Democrat, visited democratically governed Taiwan, prompting China, which claims the island as its territory, to launch military exercises there. .
Relations between the United States and China were further strained earlier this year after the United States shot down what it believed to be a Chinese “spy balloon” as it crossed the United States.
Source: TSF
