Military Space News
CYBER WARS
 US, Microsoft warn Chinese hackers attacking 'critical' infrastructure
China accuses US, allies of 'disinformation' over hacking claims
Beijing (AFP) May 25 - China accused the United States and its allies of waging a "disinformation campaign" Thursday, after Washington, its Western partners and Microsoft said state-sponsored Chinese hackers had infiltrated critical US infrastructure networks. "This is an extremely unprofessional report with a missing chain of evidence, this is just scissors-and-paste work," foreign ministry spokeswoman Mao Ning said. The allegations were "a collective disinformation campaign of the Five Eyes coalition countries", she said. The United States, Mao said, "was expanding new channels for disseminating disinformation". "But no change in tactics can alter the fact that the US is a hacker empire," she said.
US, Microsoft warn Chinese hackers attacking 'critical' infrastructure
 by AFP Staff Writers
 Washington (AFP) May 25, 2023

State-sponsored Chinese hackers have infiltrated critical US infrastructure networks, the United States, its Western allies and Microsoft said Wednesday while warning that similar espionage attacks could be occurring globally.

Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets, but said "malicious" activity had also been detected elsewhere in the United States.

The stealthy attack -- carried out by a China-sponsored actor dubbed "Volt Typhoon" since mid-2021 -- enabled long-term espionage and was likely aimed at hampering the United States if there was conflict in the region, it said.

"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the statement said.

"In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors."

Microsoft's statement coincided with an advisory released by US, Australian, Canadian, New Zealand and UK authorities warning that the hacking was likely occurring globally.

"This activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide," they said.

China denied the allegations, describing the Microsoft report as "extremely unprofessional" and "scissors-and-paste work".

"It is clear that this is a collective disinformation campaign of the Five Eyes coalition countries, initiated by the US for its geopolitical purposes," foreign ministry spokeswoman Mao Ning said, referring to the security alliance of the United States and its Western allies that wrote the report.

"The participation of certain companies shows that aside from government organisations, the US is expanding new channels for disseminating disinformation," she said.

"But no change in tactics can alter the fact that the US is a hacker empire."

- 'Living off the land' -

The United States and its allies said the activities involved "living off the land" tactics, which take advantage of built-in network tools to blend in with normal Windows systems.

It warned that the hacking could then incorporate legitimate system administration commands that appear "benign".

Microsoft said the Volt Typhoon attack tried to blend into normal network activity by routing traffic through compromised small office and home office network equipment, including routers, firewalls and VPN hardware.

"They have also been observed using custom versions of open-source tools," Microsoft said.

Microsoft and the security agencies released guidelines for organisations to try to detect and counter the hacking.

"It's what I would term a low and slow cyber activity," said Alastair MacGibbon, chief strategy officer at Australia's CyberCX and a former head of the Australian Cyber Security Centre.

"This is someone wearing a camouflage vest and carrying a sniper rifle. You don't see them, they're not there," he told AFP.

"When you think about something that can really cause catastrophic harm, it is someone with intent who takes time to get into systems."

Once inside, the cyber attackers can steal information, he said. "But it also gives you the ability to carry out destructive acts at a later stage."

- 'Highly sophisticated' -

A number of other governments had found similar activity since the Volt Typhoon alert was issued, said Robert Potter, co-founder of Australian cybersecurity firm Internet 2.0.

"I am not sure how communications infrastructure would be at risk from these attacks because those networks are highly resilient and difficult to bring down for more than small intervals," Potter told AFP.

"However, the ongoing threat from China-based APT (advanced persistent threat) groups is real."

The director of the US Cybersecurity and Infrastructure Security Agency, Jen Easterly, said China had been stealing intellectual property and data worldwide for years.

"Today's advisory, put out in conjunction with our US and international partners, reflects how China is using highly sophisticated means to target our nation's critical infrastructure," Easterly said.

Related Links
 Cyberwar - Internet Security News - Systems and Policy Issues

Subscribe Free To Our Daily Newsletters
Tweet

RELATED CONTENT
The following news reports may link to other Space Media Network websites.
CYBER WARS
China scammer uses AI to pose as man's friend, steal millions
 Beijing (AFP) May 24, 2023
 A scammer in China used AI to pose as a businessman's trusted friend and convince him to hand over millions of yuan, authorities have said. The victim, surnamed Guo, received a video call last month from a person who looked and sounded like a close friend. But the caller was actually a con artist "using smart AI technology to change their face" and voice, according to an article published Monday by a media portal associated with the government in the southern city of Fuzhou. The scammer was ... read more
CYBER WARS
Life and death weigh on Ukraine air defence teams

 Zelensky thanks air defence after largest drone attack on Kyiv in the invasion

 Lockheed Martin to modernize US missile defense with C2BMC

 Raytheon to provide Patriot air defense system to Switzerland
CYBER WARS
Iran unveils new ballistic missile

 All targets 'destroyed' in overnight Ukraine strikes: Russia

 Elbit Systems secures $305M deal for PULS Rocket Artillery Systems for Dutch Army

 Northrop Grumman ships IBCS to Poland for WISLA Air Defense system
CYBER WARS
Kyiv defences repel Russian drone attack: officials

 Kyiv repels air strikes, day after huge Russian bombardment

 ETRI lays the groundwork for convenient and safe drone flight

 Military drones are swarming the skies of Ukraine and other conflicts
CYBER WARS
Accenture invests in SpiderOak to elevate satellite communications security in space

 Airbus selects UK National Satellite Test Facility for SKYNET 6A testing

 SES and TESAT to develop payload for Europe's EAGLE-1 quantum cryptography satellite system

 CesiumAstro to supply 7 comms payloads to Raytheon for SDA Tranche 1 Tracking Layer.
CYBER WARS
MARSS passes major milestone in multi-site defence project in the middle east

 PathFinder Digital receives additional orders under DLA IDIQ Contract

 AFWERX announces new Mantra, Mission and Vision Statement

 Czechs ink $2.7 bn deal for Swedish combat vehicles
CYBER WARS
South Korea says Ukraine artillery ammo report 'inaccurate'

 South Africa to probe U.S. claims of loading Russian vessel with weapons

 Denmark to triple defence budget over next decade

 U.S. sanctions Wagner leader for sourcing weapons through Mali
CYBER WARS
EU urges China to push Russia to withdraw from Ukraine

 China congratulates Turkey's Erdogan on re-election

 China declines meeting with US defense chief: Pentagon

 China's premier hails close ties in talks with Russian PM
CYBER WARS
Single-molecule valve: a breakthrough in nanoscale control
Subscribe Free To Our Daily Newsletters




The content herein, unless otherwise known to be public domain, are Copyright 1995-2024 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. General Data Protection Regulation (GDPR) Statement Our advertisers use various cookies and the like to deliver the best ad banner available at one time. All network advertising suppliers have GDPR policies (Legitimate Interest) that conform with EU regulations for data collection. By using our websites you consent to cookie based advertising. If you do not agree with this then you must stop using the websites from May 25, 2018. Privacy Statement. Additional information can be found here at About Us.