Chinese hacking group spying on US critical infrastructure, Western intelligence agencies say
- The state-sponsored Volt Typhoon group has been targeting everything from telecoms to transport hubs, as well as the island territory of Guam, Microsoft says
- The US National Security Agency is working with Canada, New Zealand, Australia, and the UK, as well as the FBI and others to identify breaches
A state-sponsored Chinese hacking group has been spying on a wide range of US critical infrastructure organisations, from telecommunications to transport hubs, Western intelligence agencies and Microsoft said on Wednesday.
The espionage has also targeted the US island territory of Guam, home to strategically important American military bases, Microsoft said in a report, adding “mitigating this attack could be challenging”.
It was not immediately clear how many organisations were affected, but the US National Security Agency (NSA) said it was working with partners including Canada, New Zealand, Australia, and the UK, as well as the US Federal Bureau of Investigation to identify breaches.
While Chinese hackers are known to spy on Western countries, this is one of the largest known cyber-espionage campaigns against American critical infrastructure.
“A PRC (People’s Republic of China) state-sponsored actor is living off the land, using built-in network tools to evade our defences and leaving no trace behind,” NSA Cybersecurity Director Rob Joyce said in a statement.
Such “living off the land” spy techniques are harder to detect as they use “capabilities already built into critical infrastructure environments,” he added.
