A state-sponsored Chinese hacking group has been spying on a wide range of U.S. critical infrastructure organizations, from telecommunications to transportation hubs, Western intelligence agencies and Microsoft said on Wednesday.
The espionage has also targeted the U.S. island territory of Guam, home to strategically important American military bases, Microsoft said in a report, adding that "mitigating this attack could be challenging."
While China and the United States routinely spy on each other, analysts say this is one of the largest known Chinese cyber-espionage campaigns against American critical infrastructure.
The Chinese embassy in Washington did not immediately respond to a Reuters request for comment.
It was not immediately clear how many organizations were affected, but the U.S. National Security Agency (NSA) said it was working with partners including Canada, New Zealand, Australia, and the UK, as well as the U.S. Federal Bureau of Investigation to identify breaches. Canada, the UK, Australia and New Zealand warned they could be targeted by the hackers too.
Microsoft analysts said they had "moderate confidence" this Chinese group, which the company dubbed 'Volt Typhoon', was developing capabilities that could disrupt critical communications infrastructure between the United States and the Asia region during future crises.
"It means they are preparing for that possibility," said John Hultquist, who heads threat analysis at Google's Mandiant Intelligence.
The Chinese activity is unique and worrying also because analysts don't yet have enough visibility on what this group might be capable of, he added.
"There is greater interest in this actor because of the geopolitical situation."
As China has stepped up military and diplomatic pressure in its claim to democratically governed Taiwan, U.S. President Joe Biden has said he would be willing to use force to defend Taiwan.
Security analysts expect Chinese hackers could target U.S. military networks and other critical infrastructure if China invades Taiwan.
The NSA and other Western cyber agencies urged companies that operate critical infrastructure to identify malicious activity using the technical guidance they issued.
"It is vital that operators of critical national infrastructure take action to prevent attackers hiding on their systems," Paul Chichester, director at the UK's National Cyber Security Centre, said in a joint statement with the NSA.
Microsoft said the Chinese hacking group has been active since at least 2021 and has targeted several industries including communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education.
NSA cybersecurity director Rob Joyce said the Chinese campaign was using "built-in network tools to evade our defenses and leaving no trace behind." Such techniques are harder to detect as they use "capabilities already built into critical infrastructure environments," he added.
As opposed to using traditional hacking techniques, which often involve tricking a victim into downloading malicious files, Microsoft said this group infects a victim's existing systems to find information and extract data.
Guam is home to U.S. military facilities that would be key to responding to any conflict in the Asia-Pacific region. It is also a major communications hub connecting Asia and Australia to the United States by multiple submarine cables.
Bart Hoggeveen, a senior analyst at the Australian Strategic Policy Institute who specializes in state-sponsored cyber attacks in the region, said the submarine cables made Guam "a logical target for the Chinese government" to seek intelligence.
"There is high vulnerability when cables land on shore," he said.
New Zealand said it would work towards identifying any such malicious cyber activity in its country.
"It's important for the national security of our country that we're transparent and upfront with Australians about the threats that we face," Australia's Minister for Home Affairs and Cyber Security Clare O'Neil said.
Canada's cybersecurity agency said it had no reports of Canadian victims of this hacking as yet. "However, Western economies are deeply interconnected," it added. "Much of our infrastructure is closely integrated and an attack on one can impact the other."
Reuters
Thu May 25 2023