A Microsoft warned on Wednesday that Chinese hackers backed by Beijing are targeting critical US infrastructure and could be laying the groundwork for a possible disruption of communications between the US and Asia in future crises.
Targets include locations in Guam, the US island territory in Micronesia, where Washington has a large military presence, the computer giant said.
Hostile activity in cyberspace — from espionage to advanced positioning 'malware' to possible future attacks — has become a hallmark of modern geopolitical rivalry, reported the Associated Press (AP).
Microsoft highlighted, in a blog post, that the Chinese state-sponsored hacker group – Volt Typhoon – has been active since mid-2021.
The company also highlighted that the organizations affected by cyberattacks are from the communication, factories, construction, public services, transport, maritime, information technology and education sectors.
Separately, the National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and their counterparts in Australia, New Zealand, Canada and the United Kingdom issued a joint statement sharing technical details on “ the newly discovered activity cluster”.
A Microsoft spokesperson declined to say why the software giant is now making this announcement or whether it has recently seen an increase in targeting critical infrastructure in Guam or adjacent US military installations, which include a important air base.
John Hultquist, chief analyst at Google's Mandiant cybersecurity intelligence operation, called Microsoft's announcement "a potentially important discovery."
“We don't see this kind of survey from China a lot. It's rare," said Hultquist.
"We know a lot about Russian, North Korean and Iranian cyber capabilities because they have been doing it regularly.“, He added.
BUT: Chinese hackers attacked IBM networks
Microsoft further noted that the hacking campaign placed a "strong emphasis on stealth" and sought to blend in with normal Internet activity by 'hacking' small office equipment, including 'routers'.
"For years, China has carried out aggressive cyber operations to steal intellectual property and sensitive data from organizations around the world.“, stressed Jen Easterly, director of CISA, asking for mitigation of the affected networks to avoid possible interruptions.
Bryan Vorndran, assistant director of the FBI's cyber division, called the intrusions "unacceptable tactics," according to the same statement.
Tensions between Washington and Beijing, in which US national security considers China its main military, economic and strategic rival, have increased in recent months.
Tensions escalated last year after the then Speaker of the House of Representatives, Democrat Nancy Pelosi, visited democratically governed Taiwan, prompting China, which claims the island as its territory, to launch military exercises around that territory.
US-China relations were further strained earlier this year after the US shot down what it believed to be a Chinese 'spy balloon' that flew over the United States.
