Chinese hackers targeting critical US infrastructure: Microsoft

Webdunia
Thursday, 25 May 2023 (14:48 IST)
The United States, its Western allies and Microsoft have issued a warning, revealing that state-sponsored Chinese hackers have successfully infiltrated critical US infrastructure networks. They also cautioned that similar espionage attacks may be taking place worldwide.
 
China's Foreign Ministry has called the allegations a "disinformation campaign."
 
What did Microsoft say?
 
Microsoft said the Guam territory in the Pacific Ocean, home to US military bases, was one of the targets. The tech giant said "malicious" activities had happened in other parts as well and that "mitigating this attack could be challenging."
 
Microsoft analysts said they had "moderate confidence" that a Chinese group, which they dubbed "Volt Typhoon," was developing capabilities that could disrupt critical communications infrastructure between the US and the Asia region during future crises.
 
Volt Typhoon's attacks began in mid-2021 and appear to be aimed at undermining the US in the event of a regional conflict.
 
The affected organizations span various sectors, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education.
 
Which countries have been affected?
 
In a coordinated effort, US, Australian, Canadian, New Zealand, and UK authorities released an advisory stating that the cyber actor behind Volt Typhoon is backed by the Chinese government and that similar hacking activities are likely occurring on a global scale.
 
The advisory warned that the hacking operations impact critical infrastructure sectors in the US and cautioned that the same techniques could be employed against other sectors worldwide.
 
The US and allies emphasized that the hackers employed "living off the land" tactics, exploiting built-in network tools to blend in with normal Windows systems. These tactics allowed them to incorporate seemingly harmless system administration commands.
 
To mask their activities, the hackers routed their traffic through compromised small office and home office network equipment, such as routers, firewalls, and VPN hardware. Microsoft also noted the use of customized versions of open-source tools by the attackers.
 
In response to these threats, Microsoft and security agencies released guidelines to aid organizations in detecting and countering these cyber intrusions.
 
How did China respond?
 
China said the allegations from Microsoft and the US and its allies lacked solid proof.
 
"This is an extremely unprofessional report with a missing chain of evidence, this is just scissors-and-paste work," Foreign Ministry spokeswoman Mao Ning said.
 
She said the claims were "a collective disinformation campaign" initiated by Washington.
 
Mao said the US itself was "a hacker empire" and "was expanding new channels for disseminating disinformation."
 
John Hultquist, chief analyst at US cybersecurity company Mandiant, said that while China and Russia have historically targeted critical infrastructure, Volt Typhoon provides new insights into Chinese hacking.
 
He described Chinese cyber threat actors as unique, as they have not frequently resorted to destructive and disruptive cyber attacks, making their capabilities less transparent. The disclosure of these activities presents a rare opportunity to investigate and prepare for this specific threat, he said.
