Security News > 2023 > May > Chinese hackers breach US critical infrastructure in stealthy attacks
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at least mid-2021.
"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the Microsoft Threat Intelligence team said.
As Mandiant Intelligence Chief Analyst John Hultquist told BleepingComputer, these intrusions into US critical infrastructure orgs are likely part of a concerted effort to provide China with access in the event of a future conflict between the two countries.
"States conduct long-term intrusions into critical infrastructure to prepare for possible conflict, because it may simply be too late to gain access when conflict arises. Similar contingency intrusions are regularly conducted by states."
"Over the last decade, Russia has targeted a variety of critical infrastructure sectors in operations that we do not believe were designed for immediate effect. China has done the same in the past, targeting the oil and gas sector. These operations are aggressive and potentially dangerous, but they don't necessarily indicate attacks are looming."
Critical infrastructure also hit by supply chain attack behind 3CX breach.
News URL
Related news
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Largest US addiction treatment provider notifies patients of data breach (source)