Explorer

China-Sponsored Hackers Targeting Critical US Sectors, Microsoft & Western Intelligence Agencies Say

The NSA and other Western cyber agencies are urging companies operating critical infrastructure to take action by identifying any malicious activity using the technical guidance provided.

According to reports from Western intelligence agencies and Microsoft, a state-sponsored Chinese hacking group has been engaged in extensive espionage targeting critical infrastructure organisations in the United States. Sectors such as telecommunications, transportation hubs, and even the US territory of Guam, which houses strategically significant American military bases, have been affected. Microsoft warned that mitigating this attack would pose a challenge due to its scope. While mutual spying between China and the United States is not uncommon, analysts note that this is one of the largest cyber-espionage campaigns by China against American critical infrastructure to date. The Chinese embassy in Washington has yet to respond to requests for comment regarding these allegations.

The extent of the impact on organisations remains uncertain, but the US National Security Agency (NSA) is collaborating with partners from Canada, New Zealand, Australia, and the UK, as well as the US Federal Bureau of Investigation, to identify breaches. Canada, the UK, Australia, and New Zealand have also raised concerns about potential targeting by the hackers.

Microsoft's analysts, who have labelled the Chinese group as 'Volt Typhoon', have expressed "moderate confidence" that the hackers are developing capabilities that could disrupt critical communications infrastructure between the United States and the Asia region during future crises. This suggests they are preparing for such scenarios, according to John Hultquist, head of threat analysis at Google's Mandiant Intelligence.

ALSO READ: Chinese Hackers Targeted Kenyan Government Over Several Years To Acquire Debt-Related Data: Report

The unique and worrisome aspect of this Chinese activity lies in the lack of visibility into the group's true capabilities, making it a subject of greater interest for analysts. The geopolitical situation, particularly China's increased military and diplomatic pressure concerning Taiwan, further heightens concerns. Should China invade Taiwan, security analysts anticipate that Chinese hackers might target U.S. military networks and other critical infrastructure.

The NSA and other Western cyber agencies are urging companies operating critical infrastructure to take action by identifying any malicious activity using the technical guidance provided. It is crucial to prevent attackers from remaining undetected on systems, emphasised Paul Chichester, director at the UK's National Cyber Security Centre, in a joint statement with the NSA.

Microsoft revealed that the Chinese hacking group has been active since at least 2021 and has targeted various industries, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education. The Chinese campaign reportedly employs built-in network tools that evade defences and leave no trace behind, making detection more challenging.

Unlike traditional hacking methods that rely on tricking victims into downloading malicious files, this group infects existing systems to gather information and extract data. Guam, with its US military facilities crucial for Asia-Pacific conflict response and its role as a communications hub connecting Asia, Australia, and the United States through submarine cables, presents an attractive target for Chinese intelligence gathering.

Experts stress the vulnerability associated with cables landing on the shores of Guam. Bart Hoggeveen, a senior analyst specialising in state-sponsored cyber attacks at the Australian Strategic Policy Institute, asserts that these cables make Guam a logical target for the Chinese government.

New Zealand has committed to identifying any malicious cyber activity within its borders, emphasising the importance of transparency in addressing national security threats. Australia's Minister for Home Affairs and Cyber Security, Clare O'Neil, acknowledges the interconnectedness of Western economies and the potential impact of an attack on one country's infrastructure on others. The Canadian cybersecurity agency has not reported any Canadian victims of this hacking thus far but highlights the interdependence of Western economies, indicating that an attack on one country can affect others.

Top Headlines

Asus Zenbook Duo (2026) Review: The Laptop Equivalent Of Doctor Strange, & I Can't Complain
Asus Zenbook Duo (2026) Review: The Laptop Equivalent Of Doctor Strange, & I Can't Complain
Assassin's Creed Black Flag Resynced Codes: How To Grab Free Animus Keys, Pets, Exclusive Rewards
Assassin's Creed Black Flag Resynced Codes: How To Grab Free Animus Keys, Pets, Exclusive Rewards
Microsoft Boss Satya Nadella Warns Firms Are 'Paying Twice' For AI
Microsoft Boss Satya Nadella Warns Firms Are 'Paying Twice' For AI
Google Pixel 11 Prices Leak Early And India Might Need To Brace For Another Premium Pixel Jump
Google Pixel 11 Prices Leak Early And India Might Need To Brace For Another Premium Pixel Jump

Videos

Middle East: US Targets Iranian Naval Base With Sea Drone Strike Amid Hormuz Crisis
Breaking News: US and Iran Clash Over Control of Strait of Hormuz
Top News: India Summons Iranian Diplomat After Indian Sailor’s Death in Gulf Attack
Breaking News: NYT Claims Israel Tried to Develop Ahmadinejad as Iran Political Asset
Middle East: US-Iran Conflict Escalates Over Hormuz and Iran Nuclear Site Threats

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget