Categories: CyberCrimeSecurity

US Mounts Operation Against Chinese Hacking Network

The US government launched an operation late last year to fight a Chinese state-sponsored hacking network aimed at disrupting US military communications, Reuters reported.

The operation targets a botnet set up by a group known as Volt Typhoon, which first came to light in May 2023, but which expanded its scope in late 2023 and changed some of its techniques, according to the news wire’s Tuesday report.

It said the Justice Department and the Federal Bureau of Investigation (FBI) sought and received legal authorisation to remotely disable aspects of Volt Typhoon’s botnet.

The botnet operates by taking over internet-connected devices such as security cameras or routers.

From left to right: Australian Security Intelligence Organisation Director-General Mike Burgess, Canadian Security Intelligence Service Director David Vigneault, FBI Director Christopher Wray, New Zealand Security Intelligence Service Director-General of Security and Chief Executive Andrew Hampton, and MI5 Director General Ken McCallum at the Emerging Technology and Securing Innovation Summit in Palo Alto, California, on 16 October, 2023. Image credit: FBI

Hacking botnet

Those devices can then be used as a base to launch further attacks, making the malicious traffic appear to be coming from a local source.

The wide spread of Volt Typhoon’s botnet reportedly led to a series of meetings between the White House and private technology companies, including telecoms and cloud firms, who were asked by the US government for assistance in tracking the group’s malicious activity.

The hacking group is believed to be targeting US critical infrastructure including naval ports, internet service providers and utilities.

The botnet has taken over thousands of devices, Reuters said, citing unnamed Western security officials and other sources.

Critical communications

“The Chinese are taking control of a camera or modem that is positioned geographically right next to a port or ISP and then using that destination to route their intrusions into the real target,” an unnamed former official told Reuters.

“To the IT team at the downstream target it just looks like a normal, native user that’s sitting nearby.”

In a security advisory last May, Microsoft Threat Intelligence said it believed the Volt Typhoon campaign was intended to disrupt critical communications infrastructure between the US and Asia during future crises, such as a conflict with China over Taiwan.

Microsoft said at the time that the group began operations in mid-2021 and has targeted Guam and other locations in the US.

US-China tensions

It said targets ranged across the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Last May Chinese foreign ministry spokesperson Mao Ning said the hacking allegations were a “collective disinformation campaign” from the Five Eyes intelligence network comprising the United States, Canada, New Zealand, Australia and the UK.

The US and China have been locked in an escalating conflict for years over China’s efforts to develop an autonomous technology industry, particularly in the areas of high-end semiconductor production and artificial intelligence.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK CMA Seeks Feedback On Microsoft, Amazon AI Partnerships

British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…

6 hours ago

Google Fires More Staff Over Israel Protest

Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…

7 hours ago

Australian PM Hits Out At Elon Musk Over Knife Attack Video

Censorship row brewing down under, after the Australian Prime Minister calls Elon Musk an 'arrogant…

8 hours ago

US SEC Seeks $5.3 Billion Fine From Terra’s Do Kwon

Financial regulator asks New York judge to impose $5.3 billion in fines against Terraform Labs…

8 hours ago

Microsoft Launches Smallest AI Model, Phi-3-mini

Lightweight artificial intelligence model launched this week by Microsoft, offering more cost-effective option for Azure…

12 hours ago

US Senate Passes TikTok Ban Or Divestment Bill

ByteDance protest falls on deaf ears, as Senate passes TikTok ban or divest bill, with…

13 hours ago