On Wednesday, May 24, the United States and its Western allies accused a China-sponsored “cyber actor” of secretly infiltrating American “critical infrastructure” and warned of the possibility of similar attacks around the world.
In a joint advisory, cybersecurity authorities in the United States, Canada, the United Kingdom, Australia and New Zealand warned about a malicious “set of activities” associated with “a state-sponsored cyber actor of the People’s Republic of China, also known as Volt Typhoon”.
“This activity impacts networks of critical US infrastructure sectors” and the entity leading the attack “can apply the same techniques […] all over the world,” they added.
In a separate press release, the American group Microsoft explained that Volt Typhoon has been active since mid-2021 and that it has targeted, among other things, critical infrastructure on the island of Guam, in the Pacific Ocean, which hosts a large US army base.
This campaign carries the risk of “disrupting critical communications infrastructure between the United States and the Asian region in future crises,” Microsoft warned. The campaign targets the telecom, industry, utilities, transportation, construction, marine, government, information technology, and education sectors, the American technology group continued. According to it, “the observed behavior indicates that the threat actor intends to spy and retain access [to the infrastructure] undetected for as long as possible.”
Undetectable interference
According to Western security agencies, these attacks rely in particular on the so-called “living off the land” (LotL) tactic, in which the attacker uses the built-in features and tools of the targeted system to move around inside it without leaving traces. In particular, an attacker can use legitimate administrative tools to infiltrate the system and insert malicious scripts or code. This type of infiltration is much more effective than those using malware, which can be detected more easily.
According to Microsoft, Volt Typhoon attempts to blend in with normal network activity by routing traffic through infected network equipment belonging to small businesses and remote workers, including routers, firewalls, and virtual private networks (VPNs).
The director of the US Cybersecurity and Infrastructure Security Agency, Jen Easterly, also issued a warning about Volt Typhoon. “For years, China has conducted operations around the world to steal intellectual property and sensitive data from critical infrastructure organizations,” Jen Easterly said.
On the Volt Typhoon case: “It appears that China is using highly sophisticated means to target our country’s critical infrastructure,” and its discovery “will allow network defenders to better understand how to detect and mitigate this malicious activity,” she added.
Beijing condemns “disinformation”
China denied any involvement. “This is a seriously flawed and totally unprofessional report,” Chinese Foreign Ministry spokeswoman Mao Ning said. “This is clearly a collective disinformation campaign by the countries of the Five Eyes Alliance [an intelligence network comprising Australia, the United States, Canada, the United Kingdom and New Zealand, editor’s note] launched by the United States for geopolitical purposes,” she continued.
Beijing regularly denies carrying out or sponsoring cyber attacks, and in return accuses the United States of cyber espionage against it. “As everyone knows, the Five Eyes Alliance is the world’s largest intelligence organization and the [American] National Security Agency [NSA] is the largest hacking organization in the world,” Mao Ning said.