Microsoft and international intelligence agencies have released a report detailing how Chinese hackers have had unprecedented access to US infrastructure for over two years.
In addition to the living-off-the-land approach, the hackers employed compromised home and small office routers as an intermediary infrastructure to conceal their activity. This enabled them to communicate with infected computers using local ISPs in the same geographical area.
"To achieve their objective, the threat actor puts a strong emphasis on stealth in this campaign, relying almost exclusively on living-off-the-land techniques and hands-on-keyboard activity.
According to Microsoft researchers, the purpose of the campaign is probably to enhance abilities for interfering with crucial communication infrastructure between the US and Asia region during potential crises. Guam, for example, holds significant value for the US military due to its Pacific ports and air base. With growing tensions surrounding Taiwan, Guam's strategic importance has garnered attention.
“Volt Typhoon proxies all its network traffic to its targets through compromised SOHO network edge devices ,” Microsoft researchers explain. “Microsoft has confirmed that many of the devices, which include those manufactured by ASUS, Cisco, D-Link, NETGEAR, and Zyxel, allow the owner to expose HTTP or SSH management interfaces to the Internet,” they added.
Several industries have been impacted, including communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education. The advisories offer instructions on how to disinfect networks that have been compromised.
Australia Latest News, Australia Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
China state-sponsored actor carries out 'attack' on US critical infrastructure, Microsoft saysChinese state-sponsored actor Volt Typhoon is carrying out cyberattacks on 'critical infrastructure organizations' in the U.S., according to Microsoft.
Read more »
Microsoft: State-sponsored Chinese hackers could be laying groundwork for disruptionMicrosoft says state-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of communications between the U.S. and Asia in future crises. The targets include Guam, where the U.S. has a major military presence. Separately, the National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency and their counterparts from Australia, New Zealand, Canada and Britain published a joint advisory sharing technical details on what they called the recently discovered cluster of activity. Hostile activity in cyberspace — from espionage to the advanced positioning malware for potential future attacks — has become a hallmark of modern geopolitical rivalry.
Read more »
US, allies, Microsoft allege attacks by China-backed cyber actorUS, its Western allies and Microsoft allege a state-sponsored China cyber actor, Volt Typhoon, has infiltrated critical US infrastructure networks, warning similar activities could be occurring globally
Read more »
Guam residents stock up, batten down as dangerous Super Typhoon Mawar closes inGuerrero ordered residents of coastal, low-lying and flood-prone areas of the territory of over 150,000 people to evacuate to higher elevations.
Read more »
Guam residents stock up, batten down as dangerous Super Typhoon Mawar closes inGuerrero ordered residents of coastal, low-lying and flood-prone areas of the territory of over 150,000 people to evacuate to higher elevations.
Read more »
Super Typhoon Mawar set to hit Guam as potentially 'catastrophic' stormSuper Typhoon Mawar could directly hit Guam with winds as strong as 160 mph. It is expected to strike around noon local time Wednesday.
Read more »