A state-sponsored Chinese hacking group has been spying on a wide range of U.S. critical infrastructure organizations, from telecommunications to transportation hubs, Western intelligence agencies and Microsoft said on Wednesday.
The espionage has also targeted the U.S. island territory of Guam, home to strategically important American military bases, Microsoft said in a report, adding that "mitigating this attack could be challenging."
While China and the United States routinely spy on each other, analysts say this is one of the largest known Chinese cyber-espionage campaigns against American critical infrastructure.
The Chinese embassy in Washington did not immediately respond to a Reuters request for comment.
It was not immediately clear how many organizations were affected, but the U.S. National Security Agency (NSA) said it was working with partners including Canada, New Zealand, Australia, and the UK, as well as the U.S. Federal Bureau of Investigation to identify breaches. Canada, UK, Australia and New Zealand warned they could be targeted by the hackers too.
Microsoft analysts said they had "moderate confidence" this Chinese group, which it dubbed as 'Volt Typhoon', was developing capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.
"It means they are preparing for that possibility," added said John Hultquist, who heads threat analysis at Google's Mandiant Intelligence.
The Chinese activity is unique and worrying also because analysts don't yet have enough visibility on what this group might be capable of, he added.
"There is greater interest in this actor because of the geopolitical situation."
As China has stepped up military and diplomatic pressure in its claim to democratically governed Taiwan, U.S. President Joe Biden has said he would be willing to use force to defend Taiwan.
Security analysts expect Chinese hackers could target U.S. military networks and other critical infrastructure if China invades Taiwan.
The NSA and other Western cyber agencies urged companies that operate critical infrastructure to identify malicious activity using the technical guidance they issued.
"It is vital that operators of critical national infrastructure take action to prevent attackers hiding on their systems," Paul Chichester, director at the UK's National Cyber Security Centre said in a joint statement with the NSA.
Microsoft said the Chinese hacking group has been active since at least 2021 and has targeted several industries including communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education.
NSA cybersecurity director Rob Joyce said the Chinese campaign was using "built-in network tools to evade our defenses and leaving no trace behind." Such techniques are harder to detect as they use "capabilities already built into critical infrastructure environments," he added.
As opposed to using traditional hacking techniques, which often involve tricking a victim into downloading malicious files, Microsoft said this group infects a victim's existing systems to find information and extract data.
Guam is home to U.S. military facilities that would be key to responding to any conflict in the Asia-Pacific region. It is also a major communications hub connecting Asia and Australia to the United States by multiple submarine cables.
Bart Hoggeveen, a senior analyst at the Australian Strategic Policy Institute who specializes in state-sponsored cyber attacks in the region, said the submarine cables made Guam "a logical target for the Chinese government" to seek intelligence.
"There is high vulnerability when cables land on shore," he said.
New Zealand said it would work towards identifying any such malicious cyber activity in its country.
"It's important for the national security of our country that we're transparent and upfront with Australians about the threats that we face," Australia's Minister for Home Affairs and Cyber Security Clare O'Neil said.
Canada's cybersecurity agency said it had no reports of Canadian victims of this hacking as yet. "However, Western economies are deeply interconnected," it added. "Much of our infrastructure is closely integrated and an attack on one can impact the other."
Reuters
Thu May 25 2023
While China and the United States routinely spy on each other, analysts say this is one of the largest known Chinese cyber-espionage campaigns against American critical infrastructure. - REUTERS
Former New Zealand PM Jacinda Ardern receives UN leadership award
Former New Zealand prime minister Jacinda Ardern was given a global leadership award by the United Nations Foundation.
ICC'S arrest warrants for Netanyahu, Gallant an apt decision - PM
The decision of the ICC to issue arrest warrants against Benjamin Netanyahu and Yoav Gallant is apt, said Datuk Seri Anwar Ibrahim.
KTMB provides two additional ETS trains for Christmas, school holidays
KTMB will provide two additional ETS trains for the KL Sentral-Padang Besar route and return trips in conjunction with the holidays.
BNM'S international reserves rise to USD118 bil as at Nov 15, 2024
Malaysia's international reserves rose to US$118.0 billion as at Nov 15, 2024, up from US$117.6 billion on Oct 30, 2024.
Findings by dark energy researchers back Einstein's conception of gravity
The findings announced are part of a years-long study of the history of the cosmos focusing upon dark energy.
NRES responds to Rimbawatch press release on COP29
The Ministry of Natural Resources and Environmental Sustainability (NRES) wishes to offer the following clarifications to the issues raised.
Online Safety Bill and Anti-Cyberbullying Laws must carefully balance rights and protections
The Online Safety Advocacy Group (OSAG) stands united with people in Malaysia in the fight against serious online harms.
Malaysia's inflation at 1.9 pct in Oct 2024 - DOSM
Malaysia's inflation rate for October 2024 has increased to 1.9 per cent, up from 1.8 per cent in September this year.
Saudi Arabia showcases Vision 2030 goals at Airshow China 2024
For the first time, Saudi Arabia is participating in the China International Aviation & Aerospace Exhibition held recently in Zhuhai.
King Charles' coronation cost GBP 71mil, govt accounts show
The coronation of Britain's King Charles cost taxpayers GBP72 million (US$90 million), official accounts have revealed.
Couple and associate charged with trafficking 51.9 kg of meth
A married couple and a man were charged in the Magistrate's Court here today with trafficking 51.974 kilogrammes of Methamphetamine.
PDRM to consult AGC in completing Teoh Beng Hock investigation
The police may seek new testimony from existing witnesses for additional insights into the investigation of Teoh Beng Hock's death.
Thai court rejects petition over ex-PM Thaksin's political influence
Thailand's Constitutional Court rejects a petition seeking to stop Thaksin Shinawatra from interfering in the running the Pheu Thai party.
Abidin takes oath of office as Sungai Bakap assemblyman
The State Assemblyman for Sungai Bakap, Abidin Ismail, was sworn in today at the State Assembly building, Lebuh Light.
UPNM cadet officer charged with injuring junior, stomping on him with spike boots
A cadet officer at UPNM pleaded not guilty to a charge of injuring his junior by stomping on the victim's stomach with spike boots.
How Indian billionaire Gautam Adani's alleged bribery scheme took off and unraveled
The indictment was unsealed on Nov. 20, prompting a $27 billion plunge in Adani Group companies' market value.
Elon Musk blasts Australia's planned ban on social media for children
Several countries have already vowed to curb social media use by children through legislation, but Australia's policy could become one of the most stringent.
Trump picks Pam Bondi for US Attorney General after Gaetz withdraws
Bondi was the top law enforcement officer of the country's third most populous state from 2011 to 2019, and served on Trump's Opioid and Drug Abuse Commission during his first administration.
Ringgit extends uptrend against greenback in early trade
At 8 am, the local currency climbed to 4.4600/4700 against the greenback.
Lebanon's only burn unit treats toddlers after Israeli strikes
The hospital hallways echo with the screams of children as anxious parents await news from doctors.