A state-sponsored Chinese hacking group has been spying on a wide range of US critical infrastructure organisations, from telecommunications to transportation hubs, western intelligence agencies and Microsoft have said.
The hackers have also targeted the US island territory of Guam, home to strategically important American military bases, Microsoft said in a report on Wednesday, adding “mitigating this attack could be challenging”.
It was not immediately clear how many organisations were affected, but the US National Security Agency (NSA) said it was working with partners including Canada, New Zealand, Australia, and the UK, as well as the US Federal Bureau of Investigation to identify breaches.
While Chinese hackers are known to spy on western countries, this is one of the largest known cyber-espionage campaigns against American critical infrastructure.
“A PRC [People’s Republic of China] state-sponsored actor is living off the land, using built-in network tools to evade our defenses and leaving no trace behind,” NSA cybersecurity director Rob Joyce said in a statement.
Such “living off the land” spy techniques are harder to detect as they use “capabilities already built into critical infrastructure environments”, he added.
The Chinese embassy in Washington did not immediately respond to a Reuters request for comment.
Microsoft said the Chinese group, which it dubbed “Volt Typhoon,” had been active since at least 2021 and has targeted a number of industries including communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education.
As opposed to using traditional hacking techniques, which often involve tricking a victim into downloading malicious files, Microsoft said this group infects a victim’s existing systems to find information and extract data.
Analysts assessed with “moderate confidence” that the Chinese campaign was developing capabilities that could disrupt critical communications infrastructure between the US and Asia region during future crises, Microsoft added.
Guam is home to US military facilities that would be key to responding to any conflict in the Asia-Pacific region.
Canada’s cybersecurity agency separately said it had no reports of Canadian victims of the hacking as yet.
“However, western economies are deeply interconnected,” it added. “Much of our infrastructure is closely integrated and an attack on one can impact the other.”
The UK similarly warned the techniques used by the Chinese hackers on US networks could be applied worldwide.
( Information from politico.com was used in this report. Also if you have any problem of this article or if you need to remove this articles, please email here and we will delete this immediately. [email protected] )