Chinese Hackers Sparked US Alert, Hits Defence Targets

A group of Chinese hackers who recently triggered a multi-nation alert have been conducting a cyberespionage campaign against military and government targets in the United States, researchers said on Thursday.

The Chinese government has rejected assertions that its spies are going after Western targets, calling the joint warning issued by the United States and its allies a “collective disinformation campaign.”

The group - dubbed “Volt Typhoon” by Microsoft – was the subject of an alert issued by cybersecurity and intelligence agencies in the United States, Britain and their close allies.

Chinese cyber spies have been seen to “primarily target organizations in the US in defence and government verticals (fields), primarily for espionage purposes,” according to researcher Marc Burnard, whose organisation – Secureworks – has dealt with several intrusions tied to Volt Typhoon.

The analysis by Secureworks – an arm of Dell Technologies – adds context to the warning issued on Wednesday by Microsoft.

That warning said Volt Typhoon was developing capabilities “that could disrupt critical communications infrastructure between the United States and Asia region during future crises” – a nod to escalating tensions between China and the United States over Taiwan and other issues.

The group has targeted critical infrastructure organisations in the US Pacific territory of Guam, Microsoft said.

The reference to potentially disruptive activity drew widespread attention. Volt Typhoon was abusing Fortinet, whose FortiGuard devices Microsoft said to break into its targets, saw its shares fall more than 2 per cent.

Burnard said Secureworks had seen no evidence of destructive activity by Volt Typhoon, but that in general its hackers were focused on stealing information that would “shed light on US military activities.”

He declined to name the “handful” of victims which Secureworks had helped to deal with the Volt Typhoon.

Chinese foreign ministry spokesperson Mao Ning told reporters that the alerts, issued by the United States, Britain, Canada, Australia and New Zealand were intended to promote their intelligence alliance, known as the Five Eyes - and that it was Washington guilty of hacking.

“The United States is the empire of hacking,” Mao said.

Also Read

Stay in the know with our newsletter