Chinese hackers that triggered US alarm hit defense targets

The Chinese government has rejected assertions that its spies are going after Western targets, calling the joint warning issued by the US and its allies a "collective disinformation campaign."

 A LAPTOP with binary codes displayed in front of the Chinese flag. Individuals basically do not care if their personal data are stolen, unless the hacker personally locks them out of their accounts or the theft has some other major concrete negative impact on their lives. (photo credit: DADO RUVIC/REUTERS)
A LAPTOP with binary codes displayed in front of the Chinese flag. Individuals basically do not care if their personal data are stolen, unless the hacker personally locks them out of their accounts or the theft has some other major concrete negative impact on their lives.
(photo credit: DADO RUVIC/REUTERS)

A group of Chinese hackers who recently triggered a multi-nation alert have been conducting a cyberespionage campaign against military and government targets in the United States, researchers said on Thursday.

The Chinese government has rejected assertions that its spies are going after Western targets, calling the joint warning issued by the United States and its allies a "collective disinformation campaign".

The group - dubbed "Volt Typhoon" by Microsoft - was the subject of an alert issued by cybersecurity and intelligence agencies in the United States, Britain and their close allies.

Chinese cyber spies have been seen to "primarily target organizations in the US in defense and government verticals (fields), primarily for espionage purposes", according to researcher Marc Burnard, whose organization - Secureworks - has dealt with several intrusions tied to Volt Typhoon.

Cyber hacking (illustrative) (credit: INGIMAGE)
Cyber hacking (illustrative) (credit: INGIMAGE)

The analysis by Secureworks - an arm of Dell Technologies DELL.N - adds context to the warning issued on Wednesday by Microsoft.

That warning said Volt Typhoon was developing capabilities "that could disrupt critical communications infrastructure between the United States and Asia region during future crises" - a nod to escalating tensions between China and the United States over Taiwan and other issues.

The group has targeted critical infrastructure organizations in the US Pacific territory of Guam, Microsoft said.

The reference to potentially disruptive activity drew widespread attention. Fortinet FTNT.O, whose FortiGuard devices Microsoft said were being abused by Volt Typhoon to break into its targets, saw its shares fall more than 2 percent.

Burnard said Secureworks had seen no evidence of destructive activity by Volt Typhoon, but that in general its hackers were focused on stealing information that would "shed light on U.S. military activities".

He declined to name the "handful" of victims which Secureworks had helped to deal with Volt Typhoon.


Stay updated with the latest news!

Subscribe to The Jerusalem Post Newsletter


Chinese FM says Washington was guilty of hacking

Chinese foreign ministry spokesperson Mao Ning told reporters that the alerts, issued by the United States, Britain, Canada, Australia and New Zealand were intended to promote their intelligence alliance, known as the Five Eyes - and that it was Washington that was guilty of hacking.

"The United States is the empire of hacking," Mao said.