Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Chinese hackers targeting critical U.S. infrastructure, Microsoft warns

State-sponsored hackers based in China have been working to compromise critical infrastructure in the U.S., Microsoft said on Wednesday. It’s thought the attacks could lead to the disruption of important communications between the U.S. and its interests in Asia during future crises.

Flags of the U.S. and China.
Dall-E 2

Notable target sites include Guam, a small island in the Pacific with an important U.S. army base that could play an important role in any clash with China over Taiwan.

The malicious activity, which is believed to be ongoing, is apparently the work of Volt Typhoon, a group that’s been active since 2021 and typically focuses on espionage and information gathering. Microsoft became aware of the action in February, around the time when the Chinese spy balloon was brought down off the coast of South Carolina, according to a New York Times report.

A large number of sectors are impacted by Volt Typhoon’s efforts and include communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education. “Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible,” the computer giant said.

The hacking group has been able to infiltrate targeted organizations using a vulnerability in a cybersecurity suite called FortiGuard, Microsoft explained. Once it’s managed to access the target’s system, it nabs user credentials from FortiGuard and then uses them in attempts to infiltrate other systems.

Microsoft said that as with any observed activity of this nature, it has directly notified targeted or compromised customers and provided them with the necessary instructions for securing their systems.

Jen Easterly, director of America’s cyber defense agency (CISA), said in a statement published on Wednesday: “For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe.”

Easterly added: “Today’s advisory highlights China’s continued use of sophisticated means to target our nation’s critical infrastructure, and it gives network defenders important insights into how to detect and mitigate this malicious activity … We encourage all organizations to review the advisory, take action to mitigate risk, and report any evidence of anomalous activity. We must work together to ensure the security and resilience of our critical infrastructure.”

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers just launched the largest HTTPS DDoS attack in history
A depiction of a hacker breaking into a system via the use of code.

The largest ​​HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

Cloudflare, which specializes in DDoS mitigation, announced that it successfully prevented the record-breaking onslaught before it could inflict any real damage.

Read more
Hackers can now take over your computer through Microsoft Word
A dark mystery hand typing on a laptop computer at night.

A new zero-day vulnerability in Microsoft Office could potentially allow hackers to take control of your computer. The vulnerability can be exploited even if you don't actually open an infected file.

Although we're still waiting for an official fix, Microsoft has released a workaround for this exploit, so if you frequently use MS Office, be sure to check it out.

Read more
Not even your PC’s power supply is safe from hackers
Eaton 5S1500LCD UPS Battery Backup.

Hackers have managed to find a way to successfully gain access to uninterruptable power supply (UPS) computer systems, according to a report from The Cybersecurity and Infrastructure Security Agency (CISA).

As reported by Bleeping Computer and Tom’s Hardware, both the Department of Energy and CISA issued a warning to organizations based in the U.S. that malicious threat actors have started to focus on infiltrating UPS devices, which are used by data centers, server rooms, and hospitals.

Read more