Microsoft has warned about an attack by Chinese hackers on US infrastructure
China-backed hackers have compromised “critical” US cyber infrastructure across multiple industries, focusing on intelligence gathering. Microsoft warned about this, writes CNBC.
It is about a Chinese hacker group codenamed Volt Typhoon, which has been active since mid-2021. Microsoft notes that the organization is apparently working to destroy critical communications infrastructure between the US and Asia.
According to the company, infrastructure has been affected in almost all critical sectors, including communications, transport and maritime. Government organizations have also been targeted. As a result, Microsoft urged affected customers to close or change credentials for all compromised accounts.
Meanwhile, the National Security Agency released a bulletin detailing how the hacker attack works and how cybersecurity teams should respond to it.
Microsoft believes that hackers are not trying to cause a disruption in work. Rather, they intend to spy and maintain access without being detected for as long as possible.
According to the New York Times, American intelligence services learned about the invasion in February. This happened around the time when the Chinese spy balloon was downed. The penetration focused on communications infrastructure in Guam and elsewhere in the United States. It was particularly worrisome for American intelligence because Guam is at the center of an American “military response” to an invasion of Taiwan.
Chinese government-backed hackers have previously targeted critical and confidential information of American companies. For example, in 2020, the well-known law firm Covington and Burling was hacked by suspected Chinese state hackers.