Behavior indicates espionage
Microsoft: Chinese hackers attack US infrastructure
05/25/2023 2:43 p.m
Relations between the US and China remain strained. Now an accusation should complicate this further. Both Microsoft and cyber services claim that state-backed Chinese hackers have targeted US critical infrastructure. Beijing angrily rejects this.
According to Microsoft and cyber security services, state-backed Chinese hackers are increasingly targeting critical infrastructure in the United States. The aim of the covert attacks by the actors identified as “Volt Typhoon” is to lay the foundations for disrupting important communications between the USA and Asia, Microsoft said. The warning was also issued by the cyber security services of the “Five Eyes” intelligence service alliance from the USA, Great Britain, Australia, Canada and New Zealand.
The Chinese Foreign Ministry dismissed the report as an unprofessional “patchwork with broken chain of evidence”. Foreign Ministry spokeswoman Mao Ning saw a “collective disinformation campaign” by the “Five Eyes” and called the American foreign intelligence service NSA “the world’s largest hacking group”.
Behavior indicates espionage
As Microsoft reported, various organizations in sectors such as communications, manufacturing, utilities, transportation, construction, maritime, government, information technology and education were affected by the attacks. The observed behavior of the attackers indicates espionage and securing access – as long as possible without being discovered.
“Volt Typhoon” is known to focus on espionage and intelligence gathering. One of the ways the hackers attempted to blend in with normal network activity was to route traffic through compromised small office or home office network equipment, including routers, firewalls and tunneling software, Microsoft said. The American cyber authority CSIA spoke of an “accumulation of activities” in networks in the USA. The hackers could also use the same techniques worldwide.