Cybersecurity Alert: China's Volt Typhoon Poses Threat to US Critical Communication Infrastructure

 


Chinese state-sponsored hacking group, Volt Typhoon, accused of carrying out cyber-espionage on US targets.

Malik Rizwan

A Chinese cyberespionage campaign has been aimed at civilian and military targets in the United States, a multinational alert disclosed last week.

According to a warning issued by the US State Department, China can launch cyberattacks on various United States infrastructure, including oil and gas pipelines and rail systems.

The threat was discovered by a researcher in the US who noticed a group of Chinese hackers spying on such networks in the country.

Official Statement by the US:

Matthew Miller, the spokesperson for the State Department, said in a press briefing on Thursday, 25th of May,

“The US intelligence community assesses that China almost certainly is capable of launching cyberattacks that could disrupt critical infrastructure services within the United States, including against oil and gas pipelines and rail systems,” Al Jazeera reported.

He also warned government officials and network defenders in the public to stay vigilant.


Microsoft about “Volt Typhoon”:

Volt Typhoon is an espionage group, so named by Microsoft, that is regarded as a Chinese state-sponsored hacking group. It was the subject of an alert issued by cybersecurity and intelligence agencies in the US, Australia, Canada, New Zealand and the United Kingdom, commonly known as the “Five Eyes”.

According to Microsoft researchers, Volt Typhoon was developing capabilities to disrupt critical communications infrastructure between the United States and the Asian region during future crises. This seems to be a nod to the escalation of tension between China and the United States over Taiwan and other issues.

Volt Typhoon Campaign:

Microsoft said of Volt Typhoon's campaigns that the group relies on “living off the land” attacks, which mainly include:

  • Fileless malware: using existing programs to carry out attacks rather than installing files.

  • Blending data technique: blending in with normal network activity by routing data through office and home networking equipment such as routers, firewalls and VPNs.

These campaigns, according to Microsoft, are extremely difficult to detect.

Volt Typhoon has targeted critical infrastructure organizations in the US Pacific territory of Guam. In addition, the hacking group was using security firm Fortinet’s FortiGuard devices to break into its targets.

The US Cybersecurity and Infrastructure Security Agency (CISA):

The CISA is separately working to understand the breadth of potential intrusions and associated impacts.

This would help the agency provide assistance when required and enable it to understand effectively the tactics used by this adversary. Al Jazeera quoted Reuters on the statement given by CISA Executive Assistant Director Eric Goldstein.

In addition, he said that many traditional methods of detection, such as antivirus, will not help to find these intrusions.

Another researcher, Marc Burnard, who works at Secureworks and has also dealt with several intrusions tied to Volt Typhoon, said that his organization couldn’t find any evidence of destructive activity by Volt Typhoon, and could only conclude that the hackers were focused on stealing information about the activities of the US military.

The Response of the Chinese Government to the Cyberattack Warning:

The Chinese government has described the joint warning issued by the US and its allies as a “collective disinformation campaign”.

Mao Ning, spokesperson for the Chinese Ministry, told reporters that the Five Eyes alerts were intended to promote their intelligence alliance and called Washington guilty of hacking.

She called the United States “the Empire of Hacking” and termed the joint warning an “extremely unprofessional report with a missing chain of evidence”.

She concluded the briefing by saying that this is just “scissors and paste work”.

(Courtesy: Al-Jazeera)
