The network, controlled by a widespread Chinese hacking group called Volt Typhoon, was disrupted by a US government operation, Reuters reports.
The group has alarmed intelligence officials, who say it is part of a larger effort to undermine critical Western infrastructure, including ports, Internet service providers and utilities, raising concerns that hackers could undermine U.S. preparedness in the event that China attempts to take over Taiwan by force.
Nearly every country in the world uses hackers to gather intelligence, and major powers like the United States and Russia have vast centers for such groups, many of which cybersecurity experts have given various nicknames, such as Equation Group or Fancy Bear.
Experts begin to worry when such groups shift their interest from intelligence gathering to digital subversion.
Microsoft said in a blog post in May last year that Volt Typhoon seeks to “develop capabilities that could disrupt critical communications infrastructure between the United States and the Asian region in the event of a future crisis,” which immediately brought to mind the growing tension between China and America regarding Taiwan. According to Reuters, it is certain that any conflict between these two countries will involve cyber attacks in the Pacific Ocean.
Does this mean that a group of destructive hackers is preparing to damage US infrastructure in the event of a Taiwan-related conflict?
Microsoft last year described its assessment as having “medium” confidence, which is intelligence language that usually means a theory is plausible and has a reliable source, but has not yet been fully confirmed. Researchers identified various aspects of the hacking group.
It is now clear that Volt Typhoon worked by taking large-scale control of vulnerable digital devices around the world, such as routers, modems and even Internet-connected security cameras, to conceal subsequent attacks on more sensitive targets.
This collection of remotely controlled systems, known as a botnet, is a major concern for security officials because it limits the visibility of cybersecurity officials monitoring foreign fingerprints in their computer networks.
In a report released earlier this month, cybersecurity rating firm SecurityScorecard said Cisco devices were particularly vulnerable to hacking activity by Volt Typhoon.
The company said it has “identified a network of covert infrastructure operating in Europe, North America and Asia-Pacific, including compromised routers and other network peripherals.”
Almost all cyber spies hide their tracks, and the use of so-called botnets by both governments and hackers to hide their cyber operations is nothing new.
This approach is often used when an attacker wants to quickly target multiple victims at once or cover their tracks.
China denies hacking and has done so in the case of Volt Typhoon. But according to Reuters, documentation of Beijing's cyber espionage campaigns has been accumulating for more than two decades.
Espionage has come increasingly into focus over the past 10 years, with Western researchers linking abuses to specific units within the People's Liberation Army, and US law enforcement officials accusing a series of Chinese officials of stealing US secrets.
SecureWorks, an arm of Dell, said in a blog post last year: “Volt Typhoon's interest in breaking into operational security likely stems from embarrassment over the drumbeat of US prosecutions and increasing pressure on the (Chinese) leadership to avoid public scrutiny of electronic espionage activity.”
The Biden administration has increasingly focused on hacking, not only because of fears that countries will attempt to disrupt or distract from the US elections next November, but because ransomware has wreaked havoc on US companies in 2023.