Microsoft Says China Installed Malware In US Systems In Guam | Old North State Wealth News
Connect with us

US News

Microsoft says China installed malware in US systems in Guam



China may have conducted digital espionage against the US’ Pacific interests. Microsoft and the National Security Agency (NSA) have revealed that an alleged state-sponsored Chinese hacking group, Volt Typhoon, installed surveillance malware in “critical” systems on the island of Guam and elsewhere in the US. The group has been operating since mid-2021 and reportedly compromised government organizations as well as communications, manufacturing, education and other sectors.

Volt Typhoon prioritizes stealth, according to the investigators. It uses “living off the land” techniques that rely on resources already present in the operating system, as well as direct “hands-on-keyboard” action. They use the command line to scrape credentials and other data, archive the info and use it to stay in targeted systems. They also try to mask their activity by sending data traffic through small and home office network hardware they control, such as routers. Custom tools help them set up a command and control channel through a proxy that keeps their info secret.

The malware hasn’t been used for attacks, but the web shell-based approach could be used to damage infrastructure. Microsoft and the NSA are publishing info that could help potential victims detect and remove Volt Typhoon’s work, but they warn that fending off intrusions could be “challenging” as it requires either closing or changing affected accounts.

US officials speaking to The New York Times believe the Guam infiltration is part of a larger Chinese intelligence collection system that includes the reported spy balloon that floated across American nuclear sites early this year. The focus Guam is concerning as it’s home to Andersen Air Force Base, a major station that would likely be used for any US answer to a Chinese invasion of Taiwan. It’s also a key hub for ships in the Pacific.

The Biden administration has stepped up efforts to protect critical infrastructure, including plans for common security requirements. The US fell prey to multiple attacks on vital systems in recent years, including gas pipelines and meat suppliers. The Volt Typhoon discovery underscores the importance of tougher defenses — malware like this could compromise the US military at a crucial moment.

Read the full article here

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Copyright © 2022 ONSWM News. Content posted on the Old North State Wealth News page was developed and produced by a third party news aggregation service. Old North State Wealth Management is not affiliated with the news aggregation service. The information presented is believed to be current. It should not be viewed as personalized investment advice. All expressions of opinion reflect the judgment of the authors on the date the articles were published. The information presented is not an offer to buy or sell, or a solicitation of any offer to buy or sell, any of the securities discussed.