The US is in a state of cyber war with China because of the Volt Typhoon group

The US is resisting China's attempts to attack critical infrastructure in the West.

In recent months, the US government launched an operation to combat a large-scale Chinese hacking operation that successfully compromised thousands of Internet-connected devices. This was reported to Reuters by two Western security officials and one person familiar with the situation.

The Justice Department and the FBI have been granted the right to remotely disable parts of the Chinese hacking campaign. The Biden administration is paying special attention to hacking attacks, not only because it fears possible state interference in the US elections in November, but also because ransomware caused significant damage to the US corporate environment in 2023.

The hacker group Volt Typhoon, which has found itself at the center of events, is of particular concern to intelligence officers. They believe the group is part of a larger effort to compromise critical infrastructure in the West, including seaports, Internet service providers and utilities.

The Volt Typhoon campaign was first discovered in May 2023, but hackers expanded the scope of their operations at the end of the year, changing some of their techniques. The widespread nature of the hacking attacks has led to a series of meetings between the White House and private technology companies, including several telecommunications and cloud firms that the U.S. government has asked for help tracking the activities of cybercriminals.

Such hacks, according to national security experts, could allow China to remotely disrupt important facilities in the Indo-Pacific region that support or serve U.S. military operations in one form or another. Sources say U.S. officials worry that hackers are trying to undermine U.S. preparedness in the event of a conflict between China and Taiwan. China, which considers Taiwan its territory, has increased its military activity near the island in recent years in response to what Beijing calls "collusion" between Taiwan and the United States. The Justice Department and the FBI did not comment on the situation.

When Western countries first warned about Volt Typhoon in May, Chinese Foreign Ministry spokesman Mao Ning said the hacking allegations were a "collective disinformation campaign" by the Five Eyes, a group of intelligence-sharing countries consisting of the United States, Canada, New Zealand, Australia and the United Kingdom.

Volt Typhoon works by seizing control of a host of vulnerable devices around the world, such as routers, modems, and even internet-connected video cameras, to hide further attacks on more sensitive targets. The captured devices are geographically located near the targeted port or Internet provider, and the hackers then use them to embed themselves further in the target. Such a botnet is of particular concern to Western security services, since to the target's information security team its traffic looks like that of a normal user located nearby.

The use of botnets by both government hackers and ordinary cybercriminals to disguise their cyber operations is not a new phenomenon. This approach is often used when an attacker wants to quickly attack multiple victims at the same time or wants to hide their sources.
 