Thursday May 25, 2023
Chinese hackers breach US infrastructure, Microsoft warns

Photographed on November 27, 2017, the Microsoft headquarters in France. AFP/File
Chinese state-sponsored hacking group "Volt Typhoon" has been identified by Microsoft as responsible for ongoing attacks on critical US cyber infrastructure. 

The hackers have targeted multiple industries to gather intelligence and disrupt communication infrastructure between the United States and Asia. 

Microsoft has advised affected organisations to close or change compromised account credentials and stated that the hackers' primary objective is espionage rather than immediate disruption.

In a recent advisory, Microsoft issued a warning regarding a series of cyber attacks on vital US infrastructure carried out by Chinese state-sponsored hackers. 

These attacks, attributed to a group known as "Volt Typhoon," have been ongoing since mid-2021 and are primarily aimed at gathering intelligence. Microsoft emphasised the need for affected customers to take immediate action by changing or closing compromised account credentials.

The hackers exploit an undisclosed vulnerability in the widely used cybersecurity suite FortiGuard to infiltrate organisations, steal user credentials, and attempt to gain unauthorised access to other systems.

Rather than causing immediate disruption, the hackers' primary objective appears to be long-term espionage and maintaining undetected access. Various critical sectors, including communications, transportation, maritime industries, and government organisations, have been impacted by the attacks.

Covington and Burling, a renowned law firm, fell victim to suspected Chinese government-backed hackers in 2020, underscoring the ongoing threat posed by Chinese cyber attacks. 

In a joint statement with international and domestic intelligence services, the Cybersecurity and Infrastructure Security Agency (CISA) highlighted the consistent risk Chinese hackers pose to American intellectual property. 

CISA Director Jen Easterly emphasised China's history of conducting aggressive cyber operations to steal valuable data and sensitive information from organisations worldwide.

