Microsoft has warned that a state-sponsored Chinese hacking group may have compromised “critical” infrastructure in the US to disrupt communications between the country and Asia in the event of a crisis.
In a rare announcement about the system breach, the US technology conglomerate said the hackers, codenamed “Volt Typhoon”, have been operating since mid-2021. Microsoft said they have been able to infiltrate organizations across industries by exploiting vulnerabilities in a popular cyber security platform called FortiGuard.
“In this campaign, affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology and education sectors,” Microsoft said. It added that the hacking group’s actions had focused on intelligence gathering and espionage rather than causing immediate disruption.
It added: “Microsoft assesses with moderate confidence that it is pursuing the development of Volt Typhoon campaign capabilities that could disrupt critical communications infrastructure between the United States and the Asia region during future crises.”
Microsoft said it had notified targeted or compromised customers and urged them to close or secure their accounts.
US and international cybersecurity officials issued a joint advisory notice on Wednesday about Volt Typhoon that also warned of Chinese state-sponsored cyber threats.
Rob Joyce, cyber security director at the US National Security Agency, said: “A PRC state-sponsored actor is living off the ground, using built-in network tools to evade our defenses and leaving no trace behind. It becomes imperative to work together to find and remove the actor from our critical network.”
“Living off the land”, the technique Joyce is describing, refers to cyber-attacks that use legitimate tools already installed on a victim’s devices, making them much more difficult to detect than traditional malware attacks, which usually require the victim to download files.
John Hultquist, principal analyst at Mandiant Intelligence – a cyber defense service owned by Google – said the Volt Typhoon hack was “offensive and potentially dangerous”.
“Chinese cyber threat actors are unique among their peers in that they have not routinely resorted to destructive and disruptive cyber attacks. As a result, their capabilities are fairly opaque. This disclosure provides a rare opportunity to investigate and prepare for this threat.”










