US Warns Chinese Hackers Against Hacking 'Critical' Infrastructure
Washington: State-sponsored Chinese hackers have infiltrated critical US infrastructure networks, said the United States, its Western allies and Microsoft while warning that similar attacks could be occurring globally, Standard Media reported.
Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets, but said "malicious" activity had also been detected elsewhere in the United States.
The Standard Group Plc is a multi-media organization in media platforms spanning newspaper print operations, television, radio broadcasting, and digital and online services. The Standard Group is recognized as a leading multi-media house in Kenya with a key influence in matters of national and international interest.
The stealthy attack carried out by a China-sponsored actor dubbed "Volt Typhoon" since mid-2021 enabled long-term espionage and was likely aimed at hampering the United States if there was a conflict in the region, it said.
"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing the development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the statement said.
"In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors," the statement said further.
Microsoft's statement coincided with an advisory released by US, Australian, Canadian, New Zealand and British authorities warning that the hacking was likely occurring globally, Standard Media reported.
"This activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide," they said.
The United States and its allies said the activities involved "living off the land" tactics, which take advantage of built-in network tools to blend in with normal Windows systems.
It warned that the hacking could then incorporate legitimate system administration commands that appear "benign".
Microsoft said the Volt Typhoon attack tried to blend into normal network activity by routing traffic through compromised small office and home office network equipment, including routers, firewalls and VPN hardware, Standard Media reported.
"They have also been observed using custom versions of open-source tools," Microsoft said.
Microsoft and the security agencies released guidelines for organizations to try to detect and counter the hacking.
The director of the US Cybersecurity and Infrastructure Security Agency, Jen Easterly, said China had been stealing intellectual property and data worldwide for years.
"Today's advisory, put out in conjunction with our US and international partners, reflects how China is using highly sophisticated means to target our nation's critical infrastructure," Easterly said.
China offered no immediate response to the allegations. But it routinely denies carrying out state-sponsored cyber-attacks, Standard Media reported.
China in turn regularly accuses the United States of cyber espionage.
No comments:
Post a Comment