The U.S. government in recent months introduced an operation to combat a Chinese hacking operation, which successfully compromised thousands of internet-connected devices, Reuters reported citing two Western security officials and one person with knowledge of the matter.
The Justice Department and the Federal Bureau of Investigation, or FBI, sought and received legal permission to remotely disable aspects of the Chinese hacking campaign, the report added.
The Biden administration has been focused on hacking, not only due to fears that countries could try to disrupt the U.S. election in November, but because ransomware brought upon chaos on companies in the U.S. last year.
Volt Typhoon, the hacking outfit at the center of the recent activity, has alarmed intelligence officials who say the group is part of a larger effort to compromise Western critical infrastructure, including naval ports, internet service providers and utilities, the report noted.
Volt Typhoon’s activities had surfaced in May 2023, but the group expanded the scope of their operations late in 2023 and changed some of their techniques, the report added, citing people with knowledge of the matter.
The widespread nature of the hacks caused a series of discussions between the White House and private technology industry, including many telecommunications and cloud computing firms, wherein the U.S. government requested help in tracking the activity.
National security experts noted that such breaches could bolster China to remotely disrupt vital facilities in the Indo-Pacific region which in some way support or service U.S. military operations. U.S. officials are worried that the hackers were working to hurt U.S. preparation in case of a China’s invasion of Taiwan.
In May 2023, Microsoft (NASDAQ:MSFT) said that the state-sponsored hacking group, Volt Typhoon, conducted an attack that “could disrupt critical communications infrastructure between the United States and Asia region during future crises.”
When Western nations warned about Volt Typhoon, Chinese foreign ministry spokesperson Mao Ning said the hacking allegations were a “collective disinformation campaign” from the Five Eyes countries — a reference to the intelligence sharing group made up of the U.S., Canada, New Zealand, Australia and the U.K.
“How it works is the Chinese are taking control of a camera or modem that is positioned geographically right next to a port or ISP (internet service provider) and then using that destination to route their intrusions into the real target,” said a former official with knowledge of the matter, according to the report.
——————————————————–