Microsoft: State-sponsored Chinese hackers could be laying groundwork for disruption

May 24, 2023, 3:15 PM

FILE - A security surveillance camera is seen near the Microsoft office building in Beijing, July 20, 2021. State-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises, Microsoft said Wednesday, May 24, 2023. (AP Photo/Andy Wong, File)
Credit: ASSOCIATED PRESS

BOSTON (AP) — State-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises, Microsoft said Wednesday.

The targets include sites in Guam, where the U.S. has a major military presence, the company said.

Hostile activity in cyberspace — from espionage to the advanced positioning of malware for potential future attacks — has become a hallmark of modern geopolitical rivalry.

Microsoft said in a blog post that the state-sponsored group of hackers, which it calls Volt Typhoon, has been active since mid-2021. It said organizations affected by the hacking — which seeks persistent access — are in the communications, manufacturing, utility, transportation, construction, maritime, information technology and education sectors.

Separately, the National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and their counterparts from Australia, New Zealand, Canada and Britain published a joint advisory sharing technical details on “the recently discovered cluster of activity.”

A Microsoft spokesman would not say why the software giant was making the announcement now or whether it had recently seen an uptick in targeting of critical infrastructure in Guam or at adjacent U.S. military facilities there, which include a major air base.

John Hultquist, chief analyst at Google’s Mandiant cybersecurity intelligence operation, called Microsoft’s announcement “potentially a really important finding.”

“We don’t see a lot of this sort of probing from China. It’s rare,” Hultquist said. “We know a lot about Russian and North Korean and Iranian cyber-capabilities because they have regularly done this.” China has generally withheld use of the kinds of tools that could be used to seed, not just intelligence-gathering, but tools for disruptive attacks, he added.

Microsoft said the intrusion campaign placed a “strong emphasis on stealth” and sought to blend into normal network activity by hacking small-office network equipment, including routers.

“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe,” said CISA Director Jen Easterly, urging mitigation of affected networks to prevent possible disruption. Bryan Vorndran, the FBI cyber division assistant director, called the intrusions “unacceptable tactics” in the same statement.

Tensions between Washington and Beijing — which the U.S. national security establishment considers its main military, economic and strategic rival — have been on the rise in recent months.

Those tensions spiked last year after then-House Speaker Nancy Pelosi’s visit to democratically governed Taiwan, leading China, which claims the island as its territory, to launch military exercises around Taiwan.

U.S.-China relations became further strained earlier this year after the U.S. shot down a Chinese spy balloon that had crossed the United States.
