US disrupts China hacking drive vs vital infrastructure – officials

07:23 AM February 01, 2024

US officials said they disrupted a sweeping Chinese hacking operation that targeted critical American infrastructure entities

FILE PHOTO: Computer code is seen on a screen above a Chinese flag in this July 12, 2017, illustration photo. United States officials said Wednesday, January 31, 2024, that they disrupted a sweeping Chinese cyber-spying operation that targeted critical American infrastructure entities and could be used against the US in a future geopolitical crisis. REUTERS/Thomas White/Illustration/File Photo

United States officials said Wednesday they disrupted a sweeping Chinese cyber-spying operation that targeted critical American infrastructure entities and could be used against the US in a future geopolitical crisis.

The operation, conducted jointly by the US Department of Justice and the FBI, weeded out malicious Chinese software from a network or “botnet” of hundreds of compromised US routers, both agencies said in a statement.

The US and its key allies disclosed the Chinese campaign, dubbed Volt Typhoon, in May 2023 when analysts at Microsoft found it had targeted everything from US telecommunication networks to transportation hubs.

As state-sponsored hacking becomes an increasingly powerful espionage and foreign policy tool, the United States has scaled up efforts to counter digital intrusion efforts by rivals China and Russia.

“This operation disrupted the efforts of (People’s Republic of China) state-sponsored hackers to gain access to US critical infrastructure that (China) would be able to leverage during a future crisis,” Assistant Attorney General Matthew Olsen of the Justice Department’s National Security Division said in a statement.

Some analysts said that the crisis could be a Chinese invasion of Taiwan, in which case China could use its infiltration into US networks as part of Volt Typhoon to its advantage.

China last year dismissed the US and its partners’ allegations about Volt Typhoon as a “disinformation campaign.” A spokesperson at China’s embassy in Washington called them “irresponsible criticism” on Wednesday.

“The Chinese government has been categorical in opposing hacking attacks and the abuse of information technology,” the spokesperson said, alleging in turn that the United States was involved in hacking and “eavesdropping more than other countries.”

The disruptive American operation involved taking down hundreds of US-based small office or home office routers that were part of the botnet and had been hijacked by China’s state-sponsored hackers, Sean Newell, deputy chief of the Justice Department’s National Security Division, said during a media briefing by phone.

“These cyber actors use this botnet to conceal the hacking of US and foreign critical infrastructure among other malicious cyber activities,” Newell added.

Most of the infected routers were made by the technology firms Cisco and Netgear and were “end-of-life” or older-generation devices that were not being updated with the latest security measures, officials said.

A court order allowed the agencies to remove the malicious software from the infected routers and disconnect them from the network of devices that Volt Typhoon had compromised, they added. Reuters exclusively reported earlier this week about the US operation against Chinese hacking.

It is unclear how many American devices have been infected by the Chinese campaign, but the US statement said the FBI continued investigating.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved
