25.05.2023



Western intelligence agencies and Microsoft have disclosed that a Chinese hacker organization has extensively targeted and infiltrated key US network infrastructure in Guam and other places in order to gather intelligence. The New York Times warned that Guam is the core base of the U.S. military in the Asia-Pacific. If communication capabilities there are blocked, it may seriously affect the U.S. response to a Taiwan Strait crisis.

(Deutsche Welle Chinese Network) Microsoft Corporation released a report on Wednesday (May 24) warning that the Chinese government-backed, China-based hacker organization “Volt Typhoon” has been active since 2021, targeting and hacking critical cyber infrastructure across multiple U.S. industries, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education.

Volt Typhoon infiltrates by installing malicious code called a “web shell,” sometimes through home routers and other common consumer Internet devices, making it harder to detect, Microsoft said.

Reuters reported that it was one of the largest known cyber espionage campaigns targeting critical U.S. infrastructure.

Microsoft stated that the hacker group's main purpose is intelligence gathering and building up a latent presence, so that in the event of a future crisis it would have the ability to destroy the key communication infrastructure between the United States and Asia, but there is no evidence that it has launched any destructive attack. Instead, the group prefers to “perform espionage and maintain access for as long as possible” without being detected.

According to a report released by Microsoft, the espionage campaign also included the U.S. island of Guam. The Times reported that the hacking focused on U.S. communications infrastructure in Guam, which is of particular concern to U.S. intelligence agencies.

Guam is home to US naval ports and air bases, and is an important US military base in Asia, as well as a key base for dealing with any potential conflicts in the region. The New York Times warned that if a Taiwan Strait crisis occurs and China invades Taiwan by force, a cutoff of the US's communication capabilities in Guam would seriously affect the response.

U.S. intelligence agencies discovered the hack in February, according to The New York Times. Around the same time, there was a “spy balloon” incident between the US and China. The U.S. accused China of using the Chinese balloons that flew over the U.S. for intelligence gathering. An unnamed U.S. government official told The New York Times in an interview that they believe the malicious code is also part of a massive Chinese intelligence-gathering effort.

Microsoft warned that the hacker group's intrusion is apparently still in progress. Microsoft released detailed information about the malicious code and called on affected users to detect and remove it.

“A PRC state-sponsored actor is ‘living off the land’ using built-in cyber tools to evade our detection and defense systems and leave no trace,” Rob Joyce, director of cybersecurity at the U.S. National Security Agency (NSA), said in a statement.

It is unclear how many organizations were affected, but the NSA said it was working on the investigation with partners including Canada, New Zealand, Australia and the United Kingdom, as well as the FBI.

The Canadian Cyber Security Agency stated that there are currently no reports of hackers attacking Canada, but because much of the infrastructure in Western countries is closely connected, cyber attacks on a single country may affect other countries; the techniques used against U.S. networks may be applicable worldwide.

The Chinese embassy in Washington did not immediately respond to Reuters’ request for comment.

