Chinese hackers targeting critical US infrastructure, says Microsoft
Microsoft Corp. said it’s found malicious activity by a Chinese state-sponsored hacking group that has stealthily gained access to critical infrastructure organizations in Guam and elsewhere in the US, with the likely aim of disrupting critical communications in the event of a crisis.
In a report published Wednesday, Microsoft said the group, named Volt Typhoon, had been active since mid-2021, targeting organizations that span manufacturing, construction, maritime, government, information technology and education. Microsoft said it has “directly notified targeted or compromised customers” and had assessed, with “moderate confidence,” that the activity was in preparation to upend communications during a future crisis.
Guam, a US island territory located 1,600 miles (about 2,600 kilometers) east of Manila, has become an increasingly important military and strategic hub as tensions with China ratchet up, including the possibility that it might use its military to enforce its claim to the self-ruled island of Taiwan.
Volt Typhoon initially gained access to the targeted organizations through internet-facing devices manufactured by Fortinet Inc., a Sunnyvale, California-based cybersecurity company, according to Microsoft, which added that it was still investigating how the hackers were able to access the equipment. The hackers used whatever privileges they could gain from the Fortinet devices to extract more credentials to authenticate to other devices on the networks, Microsoft said. There, the hackers intended “to perform espionage and maintain access without being detected for as long as possible,” Microsoft added.
A representative for Fortinet didn’t respond to a request for comment. A Microsoft spokesperson declined to elaborate on the report.