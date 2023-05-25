The United States and its Western allies indicted a ‘cyberagent’, sponsored by Chinaof infiltrating US critical infrastructure networks, which Beijing described as a “disinformation campaign”.

In a joint advisory, cybersecurity authorities in the United States, Canada, the United Kingdom, Australia, and New Zealand warned of a “set of activities” associated with “a state-sponsored cyber agent of the People’s Republic of China, also known as Volt Typhoon.”

China accused the United States.

“This activity affects the networks of critical infrastructure sectors in the United States” and the entity carrying out the attack “could apply the same techniques (…) throughout the world,” they added.

In response, China on Thursday accused the United States and its Western allies of launching a “disinformation campaign.”. “This is a report with serious deficiencies and it is extremely unprofessional,” Mao Ning, a spokesman for China’s foreign ministry, told a news conference.

“It is clear that this is a collective disinformation campaign by the countries of the Five Eyes coalition, launched by the United States for geopolitical purposes,” the spokesperson added.

The Five Eyes alliance is a collaborative intelligence network which includes Australia, the United States, Canada, the United Kingdom and New Zealand, countries that have mostly had differences with China, to varying degrees.

In another statement, Microsoft indicated that Volt Typhoon (Typhoon Volt) has been active since mid-2021 and pointed, among others, at the critical infrastructure of Guam, an important US military enclave in the Pacific Ocean.

This campaign could “disrupt critical communications infrastructure between the United States and the Asian region during future crises“said the US group.

The threat actor intended to eavesdrop and maintain access undetected for as long as possible

“As everyone knows, the Five Eyes alliance is the world’s largest intelligence organization and the US National Security Agency (NSA) is the world’s largest hacking organization,” Mao Ning said. “The fact that they are coming together to publish a disinformation report of this kind is ironic in itself,” he said.

According to Microsoft, the affected organizations belong to the sectors of communication, industry, public services, transportation, construction, public administration, education, and information technology, among others.

“The observed behavior suggests that the threat actor intended to eavesdrop and maintain access undetected for as long as possible,” he said. Authorities warned that espionage could camouflage itself in Windows systems.

According to the Western security agencies involved, the attacks use, among other things, the so-called ‘Living off the land’ (LotL) tactic, whereby the attacker uses the characteristics and tools of the system he attacks to enter it without leaving a trace. .

The director of the United States Cybersecurity and Infrastructure Security Agency, Jen Easterly, also issued a warning about Volt Typhoon. “For years, China has conducted operations around the world to steal intellectual property and sensitive data from critical infrastructures from organizations around the globe,” Easterly said.

The Volt Typhoon case “reflects how China is using highly sophisticated means to attack our nation’s critical infrastructure,” he added.

*With information from AFP

