AP

Microsoft: State-sponsored Chinese hackers could be laying groundwork for disruption

May 25, 2023, 5:45 AM | Updated: 6:59 am

FILE - A security surveillance camera is seen near the Microsoft office building in Beijing, July 2...

FILE - A security surveillance camera is seen near the Microsoft office building in Beijing, July 20, 2021. State-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises, Microsoft said Wednesday, May 24, 2023. (AP Photo/Andy Wong, File)
Credit: ASSOCIATED PRESS

(AP Photo/Andy Wong, File)

State-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises, Microsoft said Wednesday.

The targets include sites in Guam, where the U.S. has a major military presence, the company said.

Hostile activity in cyberspace — from espionage to the advanced positioning malware for potential future attacks — has become a hallmark of modern geopolitical rivalry.

Microsoft said in a blog post that the state-sponsored group of hackers, which it calls Volt Typhoon, has been active since mid-2021. It said organizations affected by the hacking — which seeks persistent access — are in the communications, manufacturing, utility, transportation, construction, maritime, information technology and education sectors.

Separately, the National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and their counterparts from Australia, New Zealand, Canada and Britain published a joint advisory sharing technical details on “the recently discovered cluster of activity.”

A Microsoft spokesman would not say why the software giant was making the announcement now or whether it had recently seen an uptick in targeting of critical infrastructure in Guam or at adjacent U.S. military facilities there, which include a major air base.

John Hultquist, chief analyst at Google’s Mandiant cybersecurity intelligence operation, called Microsoft’s announcement “potentially a really important finding.”

“We don’t see a lot of this sort of probing from China. It’s rare,” Hultquist said. “We know a lot about Russian and North Korean and Iranian cyber-capabilities because they have regularly done this.” China has generally withheld use of the kinds of tools that could be used to seed, not just intelligence-gathering, but tools for disruptive attacks, he added.

Microsoft said the intrusion campaign placed a “strong emphasis on stealth” and sought to blend into normal network activity by hacking small-office network equipment, including routers.

“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe,” said CISA Director Jen Easterly, urging mitigation of affected networks to prevent possible disruption. Bryan Vorndran, the FBI cyber division assistant director, called the intrusions “unacceptable tactics” in the same statement.

Tensions between Washington and Beijing — which the U.S. national security establishment considers its main military, economic and strategic rival — have been on the rise in recent months.

Those tensions spiked last year after then-House Speaker Nancy Pelosi’s visit to democratically governed Taiwan, leading China, which claims the island as its territory, to launch military exercises around Taiwan.

U.S.-China relations became further strained earlier this year after the U.S. shot down a Chinese spy balloon that had crossed the United States.

 

AP

putin election...

Emma Burrows and Dasha Litvinova, The Associated Press

Putin extends rule in preordained Russian election after harshest crackdown since Soviet era

With nearly all the precincts counted Monday, election officials said Putin had secured a record number of votes.

19 hours ago

Photo: An official walks toward an entrance to the Federal Correctional Institution in Dublin, Cali...

Associated Press

Judge appoints special master to oversee California federal women’s prison after rampant abuse

A judge on Friday appointed a special master to oversee a troubled federal women’s prison in California known for rampant sexual abuse.

3 days ago

photo: Fulton County District Attorney Fani Willis, left, and prosecutor Daysha Young speak to each...

Kate Brumback and Alanna Durkin Richer, The Associated Press

Prosecutor leaves Georgia election case against Trump after relationship with district attorney

A prosecutor who had a relationship with an attorney formally withdrew Friday from the Georgia election interference case against Trump.

4 days ago

Image: Public defender Drew Flood with the nonprofit law firm Metropolitan Public Defender looks ov...

Associated Press

Washington State Bar Association OKs far lower caseloads for public defenders

The Bar approved the limits in an effort to stop the lawyers from quitting and to make sure they have enough time to represent each client.

5 days ago

Image: Republican presidential candidate and former President Donald Trump speaks rally at Coastal ...

The MyNorthwest staff with wire reports

Washington pushes Trump over the top in GOP delegate count after presidential primary

After Tuesday's presidential primary, Washington, unofficially, put Donald Trump over the top to secure the Republican nomination again.

6 days ago

Image: This combo image shows President Joe Biden, left, Jan. 5, 2024 and Republican presidential c...

Associated Press

Biden, Trump win Washington presidential primaries, clinch parties’ nominations

Biden overcame concerns about his leadership as the presidential contest shifts to a general election rematch that many voters do not want.

6 days ago

Microsoft: State-sponsored Chinese hackers could be laying groundwork for disruption