Microsoft has issued a public statement saying that it has tracked a group of alleged Chinese hackers who have been conducting hacking activities in Guam and other U.S. territories since the beginning of 2021.
Microsoft Spots China’s Targeted Hacking Activities in US Guam Territory
Microsoft Inc. announced on Tuesday that it had tracked down a group of state-sponsored hackers with Chinese affiliation operating in a United States territory.
ALERT FROM @MICROSOFT: Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a…
— Tom Fitton (@TomFitton) May 24, 2023
According to the released report, the China-sponsored hackers have targeted significant sectors, including communications, transportation, construction, manufacturing, and operational utilities in Guam and other United States territories.
Microsoft has named the Chinese hacker group “Volt Typhoon.”
The tech giant stated that the group’s intentions may be limited to espionage, considering there have been no attacks on or destruction of infrastructure.
Microsoft Says CHINA’S [BIDEN’S Business Partners] Hacked Critical US Infrastructure!- A state-sponsored actor in China called Volt Typhoon has hacked critical US infrastructure organizations in the United States. Microsoft reports they engage in “stealthy and malicious activity”… pic.twitter.com/dt8JvTkgaK
— @Investigator_50 (@Investigator_50) May 24, 2023
Although the access has not been used in any (known) offensive cyberattack, Microsoft believes that the strategic targeting of the Pacific territory of Guam isn’t an accident. The territory would be vital in the case of a conflict between the two nations, and this intrusion could be helpful in such an event.
The company revealed that the group of cyber attackers used cloned routers, firewalls, and “edge” network devices as proxies to penetrate these sectors and launch its hacking.
The cyber-terrorists targeted devices from hardware manufacturers including Cisco, D-Link, ASUS, Zyxel, and Netgear.
Additionally, rather than building their own malware, these hackers exploited access provided by compromised personal accounts of verified users, so that their activity blends in with regular network traffic and evades detection by cybersecurity agencies.
In recent years, China’s military and cyber intelligence hackers have permeated global sectors and territories, earning a reputation for directing their intrusions toward espionage.
However, when hackers breach significant infrastructure or sectors in the United States, cyber war and conflict contingency are bound to escalate to other dangerous outcomes.
Google’s Cybersecurity Team Affirms Alleged Chinese Hacker’s Intrusion
According to a Wired exclusive report, Google Inc., another multinational technology firm, stated that its cybersecurity affiliate, Mandiant, has also tracked a group of alleged Chinese hackers.
Mandiant offers a similar warning about the targeting of critical infrastructure in Guam and other United States regions.
While there are no clear connections between the espionage activities, there are concerns over the targeting of essential infrastructure amid forecasts of disruptive cyberattacks or military destruction.
Like Microsoft, Mandiant remains committed to tracking the alleged hacker group, observing its campaigns, patterns, and adaptation, and focusing on suspected espionage.
US Cybersecurity Agencies & International Intelligence on Alert About Volt Typhoon’s Guam Hacks
Multiple United States government agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Justice Department, have collaborated with Canadian, Australian, and U.K. intelligence to protect against the activities of Volt Typhoon.
These security departments and agencies released a joint cybersecurity advisory about recent developments concerning the hacker group.
According to the advisory document, Volt Typhoon’s activities will affect networks across Guam and other U.S. critical infrastructure.
There is also a call for other global agencies to join forces to stop the hacker group, which can replicate the same techniques against other countries and infrastructures.
Although there has never been a China-sponsored offensive or disruptive cyberattack against the US, the country’s hackers have periodically been caught inside U.S. infrastructure and sectors, mostly to steal valuable data and IP.
Two years ago, CISA and the FBI issued a joint advisory detailing the intrusion of China’s hackers into gas pipeline sectors between 2011 and 2013.
China has made no comments on past and present cases of alleged infiltration or intrusion on critical sectors in regions of the U.S. (and likely never will).
However, should the attacks continue, there will be a dire need for a regulatory framework to check and mitigate impending cyberattacks that are detrimental to sectors and individuals.
Volt Typhoon is able to infiltrate organizations using an unnamed vulnerability in a popular cybersecurity suite called FortiGuard, Microsoft said.
Some of us have been calling for far stronger controls around vendors who supply security products. At what point do we say enough?
— Daniel Cuthbert (@dcuthbert) May 25, 2023
Furthermore, cybersecurity experts and analysts believe there may be an escalation of cyber attacks and potentially even military wars between both countries, which would surely be catastrophic.