Chinese hackers break into the US Navy, targets to raise communication | World news

An alleged campaign by Chinese state-sponsored hackers on targets in the US and Guam has raised fears that Beijing is preparing to disrupt communications in the Pacific in the event of a conflict.

The hacking ad was first identified by Microsoft Corp. on Wednesday and quickly confirmed by authorities in the US, UK and other partner countries. Microsoft said the hacking group, which it called Volt Typhoon, had breached government, communications, manufacturing and IT organizations in the US and Guam, a major military post in the western Pacific.

While the identities of many of the hacking victims are unknown, US Navy Secretary Carlos Del Toro told CNBC on Thursday that the Navy was affected by the hacks. The extent of the crime was not immediately known. A spokesman for the US Navy declined to “discuss the status of our networks.”

Meanwhile, Rob Joyce, director of cybersecurity at the National Security Agency, told CNN on Thursday that Chinese hackers may still have access to the sensitive US networks they have targeted. Joyce said the attacks stand out in how dangerous they are in “size and scope.”

An NSA representative declined to comment and pointed instead to a release by the NSA and other US agencies on the Chinese hacking group.

Microsoft said it has “moderate confidence” the breaches were made in preparation to improve communications in the event of a future crisis. The company’s announcement comes amid growing concerns that China may take military action to enforce its claim to the self-governing island of Taiwan.

Jon Darby, the NSA’s director of operations until his retirement after 39 years at the spy agency in August, said the operation fits a well-known method of penetrating networks by accessing them at the edges rather than at the core. he called the bulls-eye and then. wait for years.

“What’s interesting is that they come in from home routers all the way to US Navy infrastructure,” said Darby, who was not familiar with the details of the specific case.

“The fear is that they can launch disruption or nuclear attacks when things are hitting the air,” he said. “If they’re in these networks they can wreak havoc. You have to identify and plug the vulnerabilities that allow them to get into these networks and destroy them.”

The NSA, along with intelligence agencies from the UK, Australia, New Zealand and Canada also shared more details on the hackers. Those countries are part of an intelligence alliance, which includes sharing cybersecurity information, known as the Five Eyes.

China has denied the hacking allegations.

“We consider this very weak report – a patchwork with a broken chain of evidence,” said Chinese Foreign Ministry spokesman Mao Ning. “Apparently, this has been a joint disinformation campaign launched by the US through the Five Eyes to serve its geopolitical agenda. It is universally known that Five Eyes is the largest intelligence agency in the world, and the NSA is the largest hacking organization in the world.”

The US has previously charged Chinese hackers with espionage and intellectual property theft, including the Office of Personnel Management data breach in 2015 and the Equifax hack in 2017. In 2014, a Senate panel found that Chinese government hackers had you have access to the data. of military contractors including aircraft and engineering companies.

It is not clear why Microsoft, the US and its allies decided to shine a light on the hacking group this week. One reason may be to give private companies a head start to protect themselves from this group of Chinese hackers long before a potential conflict with China over Taiwan, John Hultquist, senior analyst at Mandiant Intelligence, a Google subsidiary.

“The burden of protecting critical infrastructure from critical disruptive cyber attacks rests with the private sector. They have to protect these networks,” Hultquist said. “This is why it is important that this knowledge makes its way into their hands. Otherwise, it is of no use at all.”

Details about the alleged attacks offer rare insights into potential terrorism efforts by Chinese hackers, whose theft of intellectual property and espionage capabilities are best known. In contrast, cybersecurity experts have documented Russian attacks on critical infrastructure, with hacks of the power grid in Ukraine well documented.

“The organization has been around a long time,” said Dakota Cary, a consultant at the Krebs Stamos Group, describing the cutting team. “When they walk a line to get something of military service value, that’s when it changes.”