China's Cyber Espionage Campaign Targets Critical Infrastructure, U.S. Issues Warning

BNN Correspondents

The U.S. State Department has issued a warning regarding China's capability to launch cyber attacks on critical infrastructure, including pipelines and rail systems. This caution comes after researchers discovered a Chinese hacking group engaged in spying on these networks, specifically targeting military and government entities in the United States. However, the Chinese government has rejected these allegations, dismissing them as part of a "collective disinformation campaign" orchestrated by the United States and its allies.

U.S. Authorities Respond to the Threat

U.S. officials are actively addressing this potential threat but admit that they are still in the process of understanding its full extent. Rob Joyce, the cybersecurity director of the U.S. National Security Agency (NSA), revealed that they have received new data and information from a previously unidentified location since the release of the hunt guide. The NSA had previously disclosed technical details to aid critical service providers in detecting such cyber spying activities. Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is working diligently to grasp the scope of the potential intrusions and their associated impacts. CISA's executive assistant director, Eric Goldstein, emphasized the importance of comprehending the tactics employed by the adversary to provide necessary assistance and enhance defense strategies.

Covert Cyber Espionage and the Challenge of Detection

One of the major challenges in defending against this type of cyber espionage is its covert nature. Researchers and officials point out that adversaries often utilize legitimate credentials and network administration tools to gain access to their targets. This makes it difficult for traditional detection methods, such as antivirus software, to identify these intrusions. Microsoft analysts, who identified the campaign known as Volt Typhoon, warned that it could disrupt critical communications infrastructure between the United States and the Asian region during future crises, alluding to the escalating tensions between the U.S. and China over issues like Taiwan.

The Urgency for Vigilance and Improved Cybersecurity

State Department spokesperson Matthew Miller stressed the need for both government and network defenders to remain vigilant in the face of potential cyberattacks on critical infrastructure. The United States has been pushing for enhanced cybersecurity practices within its majority-privately held critical infrastructure industry, particularly following the disruptive hack of the Colonial Pipeline in 2021, which led to fuel supply disruptions on the U.S. East Coast. Intelligence agencies from the United States, Britain, and their close allies issued an alert to raise awareness about the Volt Typhoon cyber espionage campaign. Microsoft reported that the group had targeted critical infrastructure organizations in Guam, using Fortinet's FortiGuard devices to breach their networks.

Concerns and Counterarguments

While no evidence of destructive activities by Volt Typhoon has been found, researcher Marc Burnard from Secureworks, an organization that has dealt with intrusions linked to the group, stated that the hackers primarily focus on stealing information related to U.S. military activities. NSA's Joyce acknowledged that Volt Typhoon could potentially carry out disruptive attacks, although some of the critical infrastructure sites identified by the government may not hold significant intelligence value.

China's Response and Accusations

Chinese foreign ministry spokesperson Mao Ning responded to the alerts issued by the United States, Britain, Canada, Australia, and New Zealand, suggesting that they were intended to promote their intelligence alliance known as the Five Eyes. Mao countered the allegations by stating that the United States is the real culprit behind hacking activities, dubbing it the "empire of hacking."
