Skip to main content

Technology

Chinese hackers are spying on U.S. critical infrastructure, intelligence groups say

The state-sponsored hacking group is conducting one of the largest known cyber-espionage campaigns, targeting organizations ranging from telecommunications to transportation hubs

Chinese hackers
Chinese hackers | Shutterstock

May 25, 2023 8:33am

Updated: May 25, 2023 8:33am

A Chinese hacking group has hacked and spied on several U.S. critical infrastructure organizations, raising security concerns, intelligence agencies said on Wednesday. 

The state-sponsored hacking group is conducting one of the largest known cyber-espionage campaigns, targeting organizations ranging from telecommunications to transportation hubs, according to Microsoft and Western intelligence agencies. 

Microsoft said it has “moderate confidence” that the Chinese hacker group, dubbed “Volt Typhoon,” could be developing technology to disrupt critical infrastructure in several industries, including manufacturing, transportation, construction, government, information technology, education, maritime, and communications. According to the organization, the group has been active since 2021. 

It is unclear how many organizations were affected by the hack. The National Security Agency (NSA), along with the Federal Bureau of Investigation (FBI) are working to identify the extent of the breach. However, NSA cybersecurity director Rob Joyce said the Chinese campaign was using "built-in network tools to evade our defenses and leaving no trace behind." 

The discovery comes as the relationship between the United States and China became tense after President Biden said he would be willing to use force to defend Taiwan, which Beijing claims to be part of its territory. 

According to security analyst experts, Chinese hackers could be seeking to target U.S. telecommunication networks and critical infrastructure if China invades Taiwan, reported Reuters. 

Additionally, Microsoft said that the U.S. island territory of Guam has been targeted probably because it is home to strategic American military bases that could play a significant role if any conflict were to break out in the Asia-Pacific region. 

Canada, New Zealand, Australia, and the United Kingdom could have also been targeted, the agencies said. The four countries said they would work towards identifying any malicious cyber activity that could be targeting them.