On Wednesday, Microsoft, along with Western intelligence agencies, released a statement that a China-backed hacker group was spying on a number of key US infrastructures. China denies these allegations and names what happened “collective disinformation campaign” USA and its allies.
The China-based hacking group known as Volt Typhoon or Bronze Silhouette has been active since mid-2021, according to Microsoft. “espionage and intelligence gathering.” Hackers try to gain access to critical systems and then maintain it for as long as possible without revealing their presence. The list of targets includes the communications, manufacturing, utilities, transportation, construction, shipping, government, information technology and education sectors.
Microsoft admits that detecting and fixing Volt infiltrations on different systems “can be challenging” as the group uses a combination of different methods to steal information, including fileless malware and account theft. Microsoft believes the goal of the Volt campaign is to develop capabilities that “could disrupt the critical communications infrastructure between the US and Asia in future crises“.
In connection with Microsoft’s discovery of hacking activity, the Cybersecurity and Infrastructure Security Agency (CISA) has issued cybersecurity alerts, backed by Dell-owned cybersecurity firm Secureworks.
According to Reuters, Volt Typhoon is one of the largest known Chinese cyberespionage groups with targets in the United States, which also operates in other regions. Currently, the US National Security Agency (NSA) and the US Federal Bureau of Investigation (FBI), in cooperation with the Five Eyes intelligence alliance, which includes the US, Australia, Canada, New Zealand and the UK, are investigating whether Volt Typhoon has already penetrated the computer systems of other countries.
Commenting on these claims, Chinese Foreign Ministry spokeswoman Mao Ning said Washington was responsible for the hacking “The United States is a hack empire.”