Chinese Hackers Are Snooping On Vital US Infrastructure, According To Western Intelligence

According to Wednesday reports from Western intelligence agencies and Microsoft, a state-sponsored Chinese hacking gang has been eavesdropping on a variety of essential infrastructure companies operating in the United States, from telecommunications to transportation hubs.

According to a study from Microsoft, the espionage has also targeted Guam, a U.S. territory with strategically significant American military installations, and “mitigating this attack could be challenging.”

Analysts claim that despite the fact that China and the United States frequently spy on one another, this is one of the largest known Chinese cyberespionage campaigns against crucial American infrastructure.

Speaking on behalf of the Chinese foreign ministry, Mao Ning said on Thursday that the Five Eyes nations—the United States, Canada, New Zealand, Australia, and the UK—who share intelligence with China were engaged in a “collective disinformation campaign” about the hacking charges. The Five Eyes nations are a gathering of nations that share intelligence.

According to Mao, the U.S. started the campaign for geopolitical reasons, and the analysis from Microsoft analysts revealed that the government of the United States was spreading its channels of misinformation outside of official organisations.

“But no matter what varied methods are used, none of this can change the fact that the United States is the empire of hacking,” she told a regular press briefing in Beijing.

Although the number of affected organisations was not immediately known, the US National Security Agency (NSA) announced that it was collaborating to find breaches with organisations in the UK, Canada, New Zealand, Australia, and the US Federal Bureau of Investigation. Canada, the UK, Australia, and New Zealand issued a warning that they might also be the target of the hackers.

Microsoft analysts expressed “moderate confidence” that the Chinese organisation known as “Volt Typhoon” was creating tools that may compromise the vital communications networks between the United States and Asia during future crises.

“It means they are preparing for that possibility,” said John Hultquist, who heads threat analysis at Google’s Mandiant Intelligence.

According to him, the Chinese action is unusual and concerning in part because analysts are still unsure of the potential capabilities of this group.

“There is greater interest in this actor because of the geopolitical situation.”

U.S. President Joe Biden has stated he would be willing to use force to defend Taiwan as China has increased military and diplomatic pressure in support of its claim to democratically controlled Taiwan.

If China invades Taiwan, security experts predict that Chinese hackers may attack U.S. military networks and other vital infrastructure.

Companies that manage vital infrastructure were asked by the NSA and other Western cyber agencies to spot hostile activity using the technical advice they supplied.

“It is vital that operators of critical national infrastructure take action to prevent attackers hiding on their systems,” Paul Chichester, director at the UK’s National Cyber Security Centre said in a joint statement with the NSA.

According to Microsoft, the Chinese hacking outfit has been operating since at least 2021 and has targeted a number of sectors, including government, information technology, education, manufacturing, utilities, transportation, and maritime.

The Chinese campaign was utilising “built-in network tools to evade our defences and leaving no trace behind,” according to NSA cybersecurity director Rob Joyce.Such methods rely on “capabilities already built into critical infrastructure environments,” the author continued, making them more difficult to identify.

Microsoft claimed that this organisation infects a target’s existing computers to uncover information and retrieve data, as opposed to utilising conventional hacking approaches, which frequently entail duping a victim into downloading dangerous files.

The U.S. military maintains facilities on Guam that are essential for responding to any war in the Asia-Pacific region. Additionally, it serves as a significant communications hub for the many submarine cables that link the United States to Asia and Australia.

According to Bart Hoggeveen, a senior analyst at the Australian Strategic Policy Institute who focuses on state-sponsored cyber operations in the area, Guam is “a logical target for the Chinese government” to gather intelligence because of the submarine cables.

“There is high vulnerability when cables land on shore,” he said.

New Zealand pledged to take steps to stop any such hostile cyber activities there.

“It’s important for the national security of our country that we’re transparent and upfront with Australians about the threats that we face,” Australia’s Minister for Home Affairs and Cyber Security Clare O’Neil said.

Canadian victims of this breach have not yet been reported, according to Canada’s cybersecurity authorities. However, it continued, “Western economies are deeply interconnected.” Because so much of our infrastructure is interconnected, an attack on one might have an effect on the other.

(Adapted from


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s