Microsoft, along with official statements from Western allies, has confirmed that state-sponsored Chinese hackers have breached critical infrastructure networks in the United States, as well as in Western allies nations and other locations.
State-sponsored Chinese hackers have infiltrated critical US infrastructure networks, the United States, its Western allies, and Microsoft said Wednesday, warning that similar espionage attacks could occur globally.
Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets but said “malicious” activity had also been detected elsewhere in the United States.
The stealthy attack—carried out by a China-sponsored actor dubbed “Volt Typhoon” since mid-2021—enabled long-term espionage and was likely aimed at hampering the United States if there was a conflict in the region, it said.
“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” the statement said.
“In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.”
Microsoft’s statement coincided with an advisory released by US, Australian, Canadian, New Zealand, and UK authorities warning that the hacking was likely occurring globally.
China denied the allegations, describing the Microsoft report as “extremely unprofessional” and “scissors-and-paste work.”
“It is clear that this is a collective disinformation campaign of the Five Eyes coalition countries, initiated by the US for its geopolitical purposes,” foreign ministry spokeswoman Mao Ning said, referring to the security alliance of the United States and its Western allies that wrote the report.
Microsoft said the Volt Typhoon attack tried to blend into regular network activity by routing traffic through compromised small office and home office network equipment, including routers, firewalls, and VPN hardware.
Several other governments had found similar activity since the Volt Typhoon alert was issued, said Robert Potter, co-founder of Australian cybersecurity firm Internet 2.0.
The director of the US Cybersecurity and Infrastructure Security Agency, Jen Easterly, said China had been stealing intellectual property and data worldwide for years.
Miroslava Salazar with AFP
