By Smartencyclopedia Newsroom *
Chinese hackers believed to be sponsored by the state, have successfully breached critical American infrastructure, including in Guam, as warned by Microsoft and the “Five Eyes” intelligence alliance.
This development holds significant implications due to Guam’s strategic importance in potential U.S. responses to Chinese military actions against Taiwan.
The objective of this operation, according to Microsoft, is likely to disrupt crucial communication infrastructure between the United States and the Asian region during future crises.
In response to the recently discovered activities of the “Volt Typhoon” hackers, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and its partner agencies from the U.K., Canada, Australia, and New Zealand issued a joint advisory, highlighting the threat posed by these hackers to all five allied countries.
Microsoft’s blog post described the Chinese state-sponsored group as primarily focused on espionage and information gathering. Detecting and countering this attack is expected to be challenging.
The hackers, active since mid-2021, have targeted various critical infrastructure organizations in Guam and other parts of the United States, including sectors such as communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education.
The hackers employ a strategy known as “living off the land,” using built-in network administration tools to blend in with normal Windows system and network activities, thus evading detection.
While previous hack attacks targeting the U.S. government, businesses, and infrastructure have been linked to the Chinese Communist Party, they consistently deny involvement in such cyber espionage.
CISA director Jen Easterly emphasizes the significance of this advisory in shedding light on China’s sophisticated methods and providing network defenders with crucial insights to detect and mitigate this malicious activity.