Microsoft Issues Warning: Chinese Hackers Launch Attack on U.S. Infrastructure
(CTN News) – On Wednesday, Microsoft warned that Chinese state-sponsored hackers had breached “critical” U.S. cyber infrastructure across multiple businesses to acquire intelligence.
Chinese Hacking Group “Volt Typhoon” Targeting Critical US Industries, Microsoft Reports
Microsoft said that the Chinese hacking group known as “Volt Typhoon” has been active since the middle of 2021. According to Microsoft, the group aims to sabotage operations during “future crises” by disrupting “critical communications infrastructure between the United States and Asia.”
On Wednesday, the National Security Agency released a bulletin explaining the intrusion and offering guidance on how cybersecurity teams should react.
The assault seems to be continuing. Microsoft advised affected users to “close or change credentials for all compromised accounts.”
According to a February New York Times article, U.S. intelligence officials learned about the intrusion while a Chinese spy balloon was shot down.
According to the Times, U.S. intelligence was alarmed by the infiltration because Guam is important to the United States military reaction in the event of an attack from Taiwan. The infiltration reportedly targeted communications equipment on Guam and other U.S. islands.
Microsoft Urges Impacted Customers to Take Immediate Action Against Chinese Hackers
Microsoft has warned that Volt Typhoon can penetrate networks by exploiting a flaw in the widely used protection solution FortiGuard. Once it has compromised one, the hacker organization grabs user credentials from the security suite to obtain access to more business networks.
According to Microsoft, state-sponsored hackers aren’t actively seeking disruption at this time. A more accurate description would be that “the threat actor intends to perform espionage and maintain access without being detected for as long as possible.”
Microsoft claimed the outage hit the communications, transportation, and maritime industries hardest. The government itself was a target.
Hackers supported by the Chinese government have already attacked sensitive data belonging to American businesses. In 2020, hackers working for the Chinese government gained access to the systems of the prestigious legal firm Covington & Burling.
The Cybersecurity and Infrastructure Security Agency, in conjunction with foreign and domestic intelligence services, expressed concern about the ongoing threat posed by Chinese cyberattacks on U.S. intellectual property.
“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organisations around the globe,” CISA director Jen Easterly said.