Microsoft and intelligence officials in various countries have warned that a state-sponsored hacking group has spied on and infiltrated critical US infrastructure in various industries in an attempt to disrupt communications between the US and Asia in the event of future crises. It is stated that China is behind this group.The size of the reach is large
Microsoft said the hackers, codenamed Volt Typhoon, have been in operation since mid-2021. By exploiting vulnerabilities in Fortinet FortiGuard devices, attackers can steal credentials from the network and use the data to infect other devices on the network.“Volt Typhoon redirects all network traffic to its destinations through compromised SOHO network end devices (including routers). Most devices, including those manufactured by Microsoft, ASUS, Cisco, D-Link, NETGEAR, and Zyxel, are supported by the owner’s HTTP or IP address,” Microsoft said in a statement. Confirmed that it allows it to open SSH management interfaces to the Internet.”
Affected sectors are critical
Microsoft said the affected organizations include the communications, manufacturing, utility, transportation, construction, maritime, government, information technology and education sectors.
According to Microsoft, the observed behavior of the attackers is aimed at spying and maintaining access undetected for as long as possible. Microsoft added that Volt Typhoon targeted critical infrastructure in Guam, where a key US military outpost is located in the Pacific Ocean, and a key strategic point for the United States should China invade Taiwan.Microsoft said it notified customers that were targeted or compromised and gave instructions on identifying an attack. Microsoft also urged those affected by this hack to close all compromised accounts or change their credentials.
It wasn’t just Microsoft that issued the warning. Officials in the US, Australia, Canada, New Zealand and the UK, which make up the Five Eyes intelligence network, also issued a statement. In the statement, it was emphasized that the Volt Typhoon group was supported by the Chinese government.
China denied the allegations
China’s foreign ministry has criticized the allegations, saying they are “lack of evidence”. The ministry reiterated its accusation earlier this month that the US is a “hacker empire”, saying that the involvement of some companies (Microsoft) in the warning “increases the US channels of spreading misinformation”.One of the biggest attacks the US has recently blamed on China was the attack on Microsoft Exchange in 2021. Last February, Federal Bureau of Investigation Director Christopher Wray said that China is responsible for more cyberattacks against the United States than all other countries combined.
47266
