Chinese hacking group targets US infrastructure, Microsoft warns

Microsoft hacking overview:

• Who: In a blog post, Microsoft warns a Chinese hacking group targeted U.S. infrastructure.
• Why: The state-sponsored hacking group is likely engaged in intelligence-gathering efforts, Microsoft says.
• Where: The Chinese hacking group reportedly targeted various industries throughout the United States.
• What are my options: Norton LifeLock provides data security options.

Microsoft warns in a May 24 blog post that a Chinese hacking group targeted U.S. infrastructure across various industries in an effort to gather intelligence.

A Chinese state-sponsored group known as Volt Typhoon reportedly targeted the communications, construction, manufacturing, maritime, transportation, utility and other industries using “stealth” tactics not detected by many cybersecurity systems, Microsoft says in the post.

Volt Typhoon has reportedly been targeting these industries since mid-2021.

Chinese hacking group could disrupt critical communications infrastructure during crises, Microsoft says

In the blog post, Microsoft writes its researchers assessed “with moderate confidence” that the Chinese hacking group “is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.”

Microsoft says the Volt Typhoon group likely intended to maintain access to the systems without being detected “for as long as possible.”

Cybersecurity agencies in the United States, Canada, the United Kingdom, Australia and New Zealand confirmed they are aware of the Chinese hacking group. In a joint advisory, the agencies describe how the Chinese hacking group evades detection by using legitimate network administration tools instead of malicious software.

The advisory also says the Chinese hacking group is able to “avoid detection by many endpoint detection and response products.”

Government officials and Microsoft say they have directly notified organizations that may be targets of the Chinese espionage efforts.

In recent years, cybersecurity researchers accused China of conducting cyberattacks on U.S. businesses as part of an intelligence-gathering effort.

Mandiant Intelligence-Google Cloud chief analyst John Hultquist, a cybersecurity researcher, says the Chinese espionage efforts are “aggressive and potentially dangerous” but is not certain a cyberattack is imminent.

“Chinese cyberthreat actors are unique among their peers in that they have not regularly resorted to destructive and disruptive cyberattacks,” he says. “As a result, their capability is quite opaque.

“This disclosure is a rare opportunity to investigate and prepare for this threat.”

Last year, Microsoft announced it was working to disrupt a Russian hacking group called Seaborgium that was reportedly attempting to trick employees into clicking on malicious files.

What do you think about the hacking group espionage reports? Join the discussion in the comments.

Read About More Class Action Lawsuits & Class Action Settlements:

• Kaiser class action claims company lets Google, Twitter ‘wiretap’ sensitive health information
• Hearst class action claims apps share user information with Google, other third parties
• Meta seeks dismissal of Pixel data privacy case
• CVS class action claims retailer collects biometric data when creating passport photos