
State-sponsored Chinese hackers have once again made their way inside critical US infrastructure networks, the United States, its Western allies and Microsoft said, warning that similar espionage attacks could be occurring globally. Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets, but said “malicious” activity had also been detected elsewhere in the United States. Microsoft said the hacking, dubbed “Volt Typhoon”, had started in mid-2021 and was likely aimed at hampering the United States if there was conflict in the region.
“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” the statement said. It continued: “In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible.” Microsoft’s statement clashed with an advisory released by US, Australian, Canadian, New Zealand and UK authorities. They said a “state-sponsored cyber actor” from China was behind Volt Typhoon and that the hacking was probably occurring globally too.
The United States and its counterparts said the activities involved “living off the land” tactics, which take advantage of built-in network tools to blend in with normal Windows systems. They warned that the hacking could then incorporate legitimate system administration commands that appear “benign”. China offered no immediate response to the allegations, but it routinely denies carrying out state-sponsored cyber attacks.