The US Justice Department and the FBI said on Wednesday that they had disrupted a major Chinese cyber-espionage operation that targeted critical US infrastructure and could be used against the US in future geopolitical crises.

The operation removed malicious Chinese software from a network, or “botnet,” of hundreds of compromised U.S. routers, the two agencies said in a statement.

The US and its key allies exposed the Chinese campaign, Volt Typhoon, in May 2023, when analysts at Microsoft found that it had targeted everything from US telecommunications networks to transportation hubs.

Here’s what’s known about Volt Typhoon and its potential threat:

‘Crisis of the Future’

Almost every country in the world uses hackers to gather intelligence. Major powers like the United States and Russia have large stables of such groups – many of which have been given colorful nicknames by cyber security experts, such as the “Equation Group” or “Fancy Bear”.

Experts worry when such groups shift their focus from intelligence gathering to digital sabotage. So when Microsoft Corp said in a blog post in May of last year that Volt Typhoon was “pursuing the development of critical communications infrastructure disruption capabilities between the US and the Asia region during future crises”, it quickly brought to mind the rising tensions between China and the US over Taiwan.

Any conflict between these two countries would almost certainly involve cyber attacks in the Pacific.

‘Taiwan Botnet’

Does this mean that a group of destructive hackers is preparing to sabotage US infrastructure in the event of a conflict over Taiwan?

Microsoft last year qualified its assessment as “moderate confidence,” which generally means that a theory is plausible but has yet to be fully confirmed. Different researchers have identified different aspects of the group.

It is now clear that Volt Typhoon has worked by taking control of vulnerable digital devices around the world, such as routers, modems, and even Internet-connected security cameras, in order to hide later, downstream attacks on sensitive targets. This constellation of remotely controlled systems, known as a botnet, is of primary concern to security officials because it limits the visibility of cyber defenders who monitor their computer networks for foreign footprints.

In a report earlier this month, cybersecurity rating firm SecurityScorecard said Cisco Systems devices were particularly vulnerable to Volt Typhoon activity. The firm said it had identified “a network of covert infrastructure operating in Europe, North America and the Asia-Pacific that appears to contain compromised routers and other network edge devices”.

‘Hidden Storm’

Almost all cyber spies work to cover their tracks. The use of so-called botnets by both government and criminal hackers to launder their cyber operations is nothing new. This method is often used when an attacker wants to target multiple victims at the same time or when trying to hide their identity.

China routinely denies hacking and has done so in the case of Volt Typhoon. But documentation of Beijing’s cyber-espionage campaigns has been building for more than two decades. Espionage has come into sharper focus in the past 10 years as Western researchers have linked breaches to specific units within the People’s Liberation Army, and US law enforcement agencies have accused Chinese officers of stealing US secrets.

Secureworks, an arm of Dell Technologies, said in a blog post last year that Volt Typhoon’s interest in operational security was likely driven by embarrassment over the drumbeat of US allegations and by mounting pressure from the (Chinese) leadership “to avoid public scrutiny of its cyber-espionage activity.”

The Biden administration has increasingly focused on hacking, not only because of fears that nations might try to disrupt the U.S. election in November, but also because ransomware wreaked havoc on corporate America in 2023.

  • Published on February 2, 2024 at 04:32 PM IST.
