Western intelligence says that Chinese hackers are spying on important US assets.
WASHINGTON: Western intelligence agencies and Microsoft said on Wednesday that a Chinese hacking group backed by the government has been spying on a wide range of US key infrastructure organizations, from telecommunications to transportation hubs.
Microsoft said in a report that the spying had also been done on the US island state of Guam, which is home to strategically important US military bases. The company also said that it could be hard to stop this attack. Even though China and the US spy on each other all the time, analysts say this is one of the largest cyberespionage operations that China is known to have run against American critical infrastructure.
Mao Ning, a spokesman for China’s foreign ministry, said Thursday that the hacking claims were part of a “collective disinformation campaign” by the Five Eyes countries. The Five Eyes countries are the US, Canada, New Zealand, Australia, and the UK. They share intelligence with each other.
Mao said that the US started the campaign for geopolitical reasons, and the Microsoft report showed that the US government was spreading false information through more channels than just government organizations.
Beijing says it is a “collective disinformation campaign” and denies the claim.
“But no matter what methods are used, the United States will always be the hacking empire,” she said at a regular press briefing in Beijing.
It wasn’t clear right away how many organizations were affected, but the US National Security Agency (NSA) said it was working with partners and the US Federal Bureau of Investigation to find breaches. Canada, the United Kingdom, Australia, and New Zealand all said that the hackers could also go after them.
Analysts at Microsoft said they were “moderately confident” that this Chinese group, which Microsoft called “Volt Typhoon,” was building tools that could disrupt important contacts between the US and Asia in times of crisis.
“It means they are preparing for that possibility,” said John Hultquist, who is in charge of threat research at Google’s Mandiant Intelligence.
He also said that experts don’t know enough about what this group might be able to do yet, which makes their actions unique and scary.
“Because of the way things are going in the world, there is more interest in this actor.” China has been putting more military and diplomatic pressure on democratically run Taiwan, and US President Joe Biden has said he would be willing to use force to protect Taiwan.
Security experts think that if China invades Taiwan, Chinese hackers could go after US defense networks and other important infrastructure.
The NSA and other Western cyber agencies told companies that run key infrastructure to use the technical advice they gave to look for suspicious activity.
In a joint statement with the NSA, Paul Chichester, director of the UK’s National Cyber Security Centre, said, “It is very important that operators of critical national infrastructure take steps to stop attackers from hiding on their systems.”