U.S. Air Force/Airman 1st Class Gerald Willis/Handout via Reuters
China may have conducted digital espionage against the US’ Pacific interests. Microsoft and the National Security Agency (NSA) have revealed that an alleged state-sponsored Chinese hacking group, Volt Typhoon, installed surveillance malware in “critical” systems on the island of Guam and elsewhere in the US. The group has been operating since mid-2021 and reportedly compromised government organizations as well as communications, manufacturing, education and other sectors.
Volt Typhoon prioritizes stealth, according to the investigators. It uses “living off the land” techniques that rely on resources already present in the operating system, as well as direct “hands-on-keyboard” action. They use the command line to scrape credentials and other data, archive the info and use it to stay in targeted systems. They also try to mask their activity by sending data traffic through small and home office network hardware they control, such as routers. Custom tools help them set up a command and control channel through a proxy that keeps their info secret.
The malware hasn’t been used for attacks, but the web shell-based approach could be used to damage infrastructure. Microsoft and the NSA are publishing info that could help potential victims detect and remove Volt Typhoon’s work, but they warn that fending off intrusions could be “challenging” as it requires either closing or changing affected accounts.
US officials speaking to The New York Times believe the Guam infiltration is part of a larger Chinese intelligence collection system that includes the reported spy balloon that floated across American nuclear sites early this year. The focus Guam is concerning as it’s home to Andersen Air Force Base, a major station that would likely be used for any US answer to a Chinese invasion of Taiwan. It’s also a key hub for ships in the Pacific.
The Biden administration has stepped up efforts to protect critical infrastructure, including plans for common security requirements. The US fell prey to multiple attacks on vital systems in recent years, including gas pipelines and meat suppliers. The Volt Typhoon discovery underscores the importance of tougher defenses — malware like this could compromise the US military at a crucial moment.
TYT Newsroom
more recommended stories
Hurricane winds surprised residents of Izamal; trees were knocked down by unusual hail stormHurricane force winds accompanied by a.
-
Sargassum Threatens to Deter Tourists from Yucatán’s Beaches
An unusual phenomenon has persisted since.
-
Exponential Increase in Respiratory Infections in Southeast Mexico
During the first 21 weeks of.
-
Moringa: From Medicinal Plant in Yucatán to Aircraft Fuel
Moringa is known as the tree.
-
Did you know that anxiety can affect your heart health?
Anxiety is a disease that begins.
-
Senior citizen falls from escalator at the Mérida Airport
An elderly passenger suffered a fall.
-
Ateneo Peninsular in Mérida will soon become a museum showcasing important Maya archaeological pieces
The National Institute of Anthropology and.
-
Is Messi returning to Barça?
Social media exploded after Antonela Rocuzzo.
-
Does López Obrador respect the Judicial Power?(Ricardo Anaya)
MEXICO CITY. June 5, 2023.- Ricardo.
-
A good start is expected for the octopus and lobster seasons in Yucatan
MÉRIDA, Yucatan – A few months.
@yucatantimes Este miércoles en la gaceta semanal del The Yucatan Times: #TheYucatanTimes #Merida #Yucatan #Mexico🇲🇽 #ExpatsinMexico #WeeklyGazette ♬ sonido original - The Yucatan Times
Leave a Comment