U.S. Air Force/Airman 1st Class Gerald Willis/Handout via Reuters
China may have conducted digital espionage against the US’ Pacific interests. Microsoft and the National Security Agency (NSA) have revealed that an alleged state-sponsored Chinese hacking group, Volt Typhoon, installed surveillance malware in “critical” systems on the island of Guam and elsewhere in the US. The group has been operating since mid-2021 and reportedly compromised government organizations as well as communications, manufacturing, education and other sectors.
Volt Typhoon prioritizes stealth, according to the investigators. It uses “living off the land” techniques that rely on resources already present in the operating system, as well as direct “hands-on-keyboard” action. They use the command line to scrape credentials and other data, archive the info and use it to stay in targeted systems. They also try to mask their activity by sending data traffic through small and home office network hardware they control, such as routers. Custom tools help them set up a command and control channel through a proxy that keeps their info secret.
The malware hasn’t been used for attacks, but the web shell-based approach could be used to damage infrastructure. Microsoft and the NSA are publishing info that could help potential victims detect and remove Volt Typhoon’s work, but they warn that fending off intrusions could be “challenging” as it requires either closing or changing affected accounts.
US officials speaking to The New York Times believe the Guam infiltration is part of a larger Chinese intelligence collection system that includes the reported spy balloon that floated across American nuclear sites early this year. The focus Guam is concerning as it’s home to Andersen Air Force Base, a major station that would likely be used for any US answer to a Chinese invasion of Taiwan. It’s also a key hub for ships in the Pacific.
The Biden administration has stepped up efforts to protect critical infrastructure, including plans for common security requirements. The US fell prey to multiple attacks on vital systems in recent years, including gas pipelines and meat suppliers. The Volt Typhoon discovery underscores the importance of tougher defenses — malware like this could compromise the US military at a crucial moment.
TYT Newsroom
more recommended stories
AMLO to inaugurate the new Tulum International Airport on Friday, Dec. 1… Is it ready to start operations?The Tulum International Airport received its first Boeing 737 ,.
-
Atlantic hurricane season comes to an end today
People on the Gulf Coast and.
-
Man dies hit by a truck in the Sambulá neighborhood
A senior citizen tragically lost his life on the.
-
China’s Tiangong space station is a reality
The crew of China’s Shenzhou 16.
-
AMLO requests the Senate to allow U.S. military personnel to train Mexican special forces
Mexico’s president has requested permission from.
-
Yucatan farmers appreciate the rains
The president of the Regional Livestock.
-
Couple detained in Cozumel for stealing a motorcycle and resisting arrest
A couple was arrested for trying.
-
Pablo Escobar’s son will offer a conference to young people in Mérida on Dec. 1st
On Friday, December 1, Sebastián Marroquín,.
-
Merida International Airport receives up to 45 daily flights
Mérida has become one of the.
-
Mauricio Vila secures a position in the Senate of the Republic for 2024
In recognition of the results obtained.
@yucatantimes Este miércoles en la gaceta semanal del The Yucatan Times: #TheYucatanTimes #Merida #Yucatan #Mexico🇲🇽 #ExpatsinMexico #WeeklyGazette ♬ sonido original - The Yucatan Times
Leave a Comment