In a statement, Microsoft warned that the campaign could “disrupt critical communications infrastructure between the United States and the Asian region in future crises.”
A Chinese-backed cyber actor has infiltrated critical US infrastructure networks, Washington, its Western allies and Microsoft said on Wednesday, warning that similar campaigns could take place around the world.
In a joint advisory, cybersecurity officials in the United States and other countries warned of a “group of activities” linked to a “state-sponsored cyber actor from the People’s Republic of China, also known as Volt Typhoon.”
They added that “this operation affects the networks of critical infrastructure sectors of the United States” and that the company carrying out the attack “could use the same techniques (…) around the world”.
“Volt Typhoon”
In a separate statement, Microsoft said “Volt Typhoon” has been active since mid-2021 and has targeted critical infrastructure on the island of Guam, which hosts a major US military base in the United States.
Microsoft warned that the campaign could “disrupt critical communications infrastructure between the United States and the Asian region in future crises.”
“The observed behavior suggests that the threat actor wants to spy and maintain access (to the infrastructure) as undetected as possible,” the US technical team added.