Chinese hackers strike critical US infrastructure in Guam

Chinese hackers have hit “critical” US infrastructure in a campaign targeting Guam, Microsoft revealed today, sparking fears that Beijing is preparing to disrupt communications at the strategic US base in the event of an attack on Taiwan.

The tech giant said state-backed hackers dubbed “Volt Typhoon” have been operating since mid-2021, continually breaching “critical infrastructure organizations in Guam and elsewhere in the United States.”

The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed that China was behind the breach at multiple government and private organizations.

While the government did not name Guam, Microsoft said it discovered the breach “while investigating intrusion activity that hit a U.S. port.” Tom Burt, the executive overseeing Microsoft’s threat intelligence unit, told The New York Times that tracing the impact found numerous networks that had been affected, including some in Guam’s telecommunications sector.

The group’s apparent focus on Guam is particularly concerning, as the U.S. territory is a major military base in the Pacific and would be a key staging point for any U.S. response in the event of a conflict in Taiwan or the South China Sea.

Chinese President Xi Jinping attends the China-Central Asia Summit in Xi’an, northwest China’s Shaanxi province, May 19

USS Theodore Roosevelt (CVN 71) as it is moored on the pier side of Naval Base Guam on May 15, 2020.

Telecommunications networks are a valuable target for state-sponsored hackers, as military communications often piggyback on commercial networks.

Microsoft said it assessed with “moderate confidence” that the Volt Typhoon campaign “pursues the development of capabilities that could disrupt critical communications infrastructure between the United States and Asia during future crises.”

A spokesman for the Chinese embassy in Washington DC did not immediately respond to a request for comment from DailyMail.com on Wednesday afternoon.

Microsoft said it had notified targeted or compromised customers and provided them with information to identify and remediate any breaches.

The organizations targeted by Volt Typhoon included industries such as communications, manufacturing, utilities, transportation, construction, maritime, government, information technology and education, Microsoft said.

The company said Volt Typhoon did not appear to have used the breaches to launch offensive attacks, but the group appeared to be focusing on maintaining unobtrusive access to critical systems.

“Observed behavior suggests that the threat actor intends to conduct espionage and keep access undetected for as long as possible,” Microsoft said.

CISA Director Jen Easterly said: “China has been conducting aggressive cyber operations for years to steal intellectual property and sensitive data from organizations around the world.

Chinese soldiers browse online news on desktop computers at a PLA (People's Liberation Army) garrison in Chongqing, China, 14 November 2013

“Today’s advisory highlights China’s continued use of sophisticated assets to attack our country’s critical infrastructure, and it gives network defenders important insights into how to detect and mitigate this malicious activity.

“As our nation’s cyber defense agency, CISA stands ready to support our partners in protecting the critical services our citizens rely on every day against the threat of disruption.

“We encourage all organizations to review the guidance, take action to mitigate risk and report any evidence of anomalous activity. We must work together to ensure the safety and resilience of our critical infrastructure.”

The hacker gang’s apparent focus on Guam is ringing alarm bells that its primary purpose could have been to disrupt and cut off U.S. communications with Asia in the event of a military conflict.

Guam is home to major US military facilities, including Andersen Air Force Base, which would be critical to responding to any conflict in the Asia-Pacific region.

Recently, China has stepped up military and diplomatic pressure to force self-governed Taiwan to accept Beijing’s claim to sovereignty. Taiwan rejects China’s claims.

While the United States has long pursued a policy of “strategic ambiguity” over whether it would intervene militarily to protect Taiwan in the event of a Chinese attack, President Joe Biden has said it is willing to use force to defend the island.

In recent years, China’s navy has also become increasingly aggressive in the South China Sea, one of the world’s most important trade routes.

China has claimed almost all of the South China Sea as its territory. Parts of the vast waterway are also claimed by Vietnam, Taiwan, Brunei, Malaysia and the Philippines.