Microsoft characterized its assessment from last year as “moderate” confidence, an intelligence term indicating that the theory is plausible and its source is reliable but that it has not yet been fully confirmed. Researchers have identified various aspects of the hacking group.
It has become apparent that Volt Typhoon operated by taking control of swaths of vulnerable digital devices worldwide, such as routers, modems, and even internet-connected security cameras, to conceal subsequent attacks on more sensitive targets.
This network of remotely controlled systems, known as a botnet, is a major concern for security officials because it limits the visibility of cybersecurity officials monitoring for foreign footprints in their computer networks.
In a report earlier this month, cybersecurity ratings company SecurityScorecard stated that Cisco Systems devices were particularly exposed to intrusion activity by Volt Typhoon.
The company identified “a network of secret infrastructure operating in Europe, North America, Asia, and the Pacific region that appears to consist of compromised routers and other network peripheral devices.”
Nearly all cyber spies work to hide their tracks, and the use of botnets by both governments and intruders to conceal their cyber operations is not a new practice.
This approach is often used when the attacker wants to target multiple victims quickly or seeks to hide their tracks.
China denies engaging in hacking, as it did in the case of Volt Typhoon. However, documentation of Beijing's electronic espionage campaigns has been accumulating for over two decades, according to Reuters.
Espionage has come into sharp focus over the past decade, with Western researchers linking breaches to specific units within the People’s Liberation Army. U.S. law enforcement authorities have accused a series of Chinese officers of stealing U.S. secrets.
Security company “Secureworks,” an arm of Dell, said in a blog post last year: “Volt Typhoon’s interest in operational security compromises is likely rooted in embarrassment due to the drumming of U.S. indictments and increased pressure on (Chinese) leadership to avoid general scrutiny of its electronic espionage activities.”
The Biden administration has increasingly focused on cybersecurity, not only out of fear that nations might attempt to disrupt the upcoming U.S. elections in November or alter their course but also because ransomware attacks caused chaos at U.S. companies in 2023.