According to Reuters, networks controlled by a Chinese hacking group known as “Volt Typhoon” were disrupted by a U.S. government operation. This group has raised concerns among intelligence officials, who say it is part of a larger effort to undermine Western critical infrastructure, including seaports, internet service providers, and utilities, fueling fears that infiltrators were working to damage U.S. readiness in the event of China attempting to forcefully reclaim Taiwan.
Almost every country in the world uses hackers to gather intelligence, and major powers like the U.S. and Russia have vast centers for such groups, which cybersecurity experts have given various names, such as APT (Advanced Persistent Threat) groups or Fancy Bear. Concern arises when the focus of such groups shifts from intelligence gathering to digital sabotage.
Microsoft stated in a blog post last May that “Volt Typhoon is seeking to develop capabilities that could disrupt the critical communications infrastructure between the United States and Asia in the future during crises,” a statement that immediately recalled the escalating tensions between China and the United States over Taiwan. Any conflict between these two countries is sure to involve cyberattacks across the Pacific, according to Reuters.
Does this mean a group of destructive infiltrators is preparing to sabotage U.S. infrastructure in the event of a conflict related to Taiwan? Microsoft described its assessment last year as “moderate,” an intelligence term typically meaning the theory is plausible and the source is credible but not fully confirmed yet. Researchers identified various aspects of the hacking group.
It’s now clear that Volt Typhoon operated by controlling large swathes of vulnerable digital devices worldwide (such as routers, modems, and even internet-connected security cameras) to conceal subsequent attacks on more sensitive targets. This network of remotely controlled systems, known as a botnet, is a major concern for security officials because it makes it harder for them to spot foreign fingerprints in their computer networks.
In a report released earlier this month, the cybersecurity rating company SecurityScorecard stated that Cisco Systems’ devices are particularly vulnerable to hacking activities by Volt Typhoon. The company identified “a network of clandestine infrastructure operating in Europe, North America, Asia, and the Pacific consisting of compromised routers and other network endpoints.”