 |
Chinese state-sponsored hacking group, Volt Typhoon, accused of carrying out cyber-espionage on US targets.
| Image Credit: Google |
Chinese Cyberespionage
Campaign had been aimed at civilian and military targets in the United States,
a multination alert disclosed the threat last week.
According
to warning issued by US State Department, China can launch cyber-attacks on
various United States infrastructures, including oil and gas pipelines and rail
systems.
The threat
was discovered by researcher in US who noticed some Chinese group of hackers
spying at such networks in the country.
Official Statement by US:
Mathew
Miller, the Spokesperson for State Department revealed in a press briefing on
Thursday, 25th of May,
“The US intelligence community assesses that China almost
certainly is capable of launching cyberattacks that could disrupt critical
infrastructure services within the United States, including against oil and gas
pipelines and rail systems,” Al Jazeera reported.
He also
warned the government officials and network defenders in the public to stay
vigilant.
 |
| Image Credit: Google |
Mircosoft about “Volt Typhoon”:
It is and
espionage group dubbed by Microsoft being taken as the Chinese state-sponsored hacking group. It was the subject of an alert issued cyber security
and intelligence agencies in the US, Australia, Canada, New Zealand and United
Kingdom, commonly known as “Five Eyes”.
According
to researchers of Microsoft, Volt Typhoon was developing capabilities to disrupt
critical communications infrastructure between United States and Asian region
during future crises. This seems to be a nod to the escalation of tension between
China and United States over Taiwan and other issues.
Volt Typhoon Campaign:
Microsoft
commented about campaigns of Volt Typhoon that it relies “living off the land”
attack that mainly includes:
- Fileless
Malware:
- Using Existing programmed to carry out attacks rather than installing files.
- Blending
Data Technique:
- It blends in with normal network activity by routing data through office and home networking equipment like routers firewalls and VPNs.
These campaigns,
as according to Microsoft are extremely difficult to detect.
Volt
Typhoon has targeted critical infrastructure organizations in the US Pacific
territory of Guam. In addition, security firm Fortinet’s FortiGuard devices
were being used by the hacking group to break into its targets.
The US Cybersecurity and Infrastructure Security Agency (CISA):
The CISA separately
working to understand the breadth of potential intrusion and associated
impacts.
This
practice would help the agency to provide assistance when required and enable
it to understand effectively the tactics undertaken by this adversary. Al-Jazeera
quoted Reuters about the statement given by CISA Executive Assistant Director,
Eric Goldstein.
In
addition, he said that many traditional methods of detection such as antivirus,
will not help to find these intrusions.
Another
Researcher, Marc Burnard who work in an organization Secureworks also dealt
with several intrusions tied to Volt Typhoon said about his organization that
it couldn’t find any evidence of destructive activity by Volt Typhoon, but it
could only drawn conclusion that the hackers were focused on stealing of
information about the activities of US military.
The response of Chinese Government over Cyberattack Warning:
The
Chinese government has rendered the joint warning issued by US and its allies
as a “Collective Disinformation Campaign”.
Mao Ning, Spokesperson
for Chinese Ministry told the reporters that Five Eyes alerts were intended to
promote their intelligence alliance and termed Washington guilty of hacking.
She declared
United States as “the Empire of Hacking” by terming the joint warning as “Extremely
unprofessional report with a missing chain of evidence.
She concluded
the brief by saying that this is just a “Scissors and paste work”.
(Courtesy:
Al-Jazeera)
0 Comments