Microsoft Warning: “Volt Typhoon” Cyber Threat
According to CNBC, Microsoft alerts about “Volt Typhoon,” a Chinese state-sponsored hacking group compromising critical U.S. cyber infrastructure since mid-2021. Their objective is to gather intelligence from various industries.
The attack by “Volt Typhoon” is ongoing, posing a significant threat. Microsoft advises affected customers to promptly change compromised account credentials to mitigate further damage.
Focus on Disrupting US-Asia Communications
“Volt Typhoon” targets the communications infrastructure between the United States and Asia, potentially disrupting vital communication channels during future crises.
Alerting US Intelligence Agencies and Suspicions
U.S. intelligence agencies were alerted in February about “Volt Typhoon,” coinciding with the downing of a Chinese spy balloon, raising suspicions of a connection.
Exploiting FortiGuard Vulnerability for Long-term Access
CNBC reports the hackers exploit a vulnerability in the cybersecurity suite FortiGuard to establish long-term undetected access to targeted systems, prioritizing sustained access over immediate disruption.
Impacted Sectors: Diverse Targets
“Volt Typhoon” has successfully targeted multiple sectors, including communications, transport, maritime, and government organizations, indicating a wide range of objectives.
China has a history of conducting state-sponsored attacks, targeting sensitive information from U.S. companies like Covington and Burling, highlighting the recurrent nature of these cyber threats.
“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe,” CISA director Jen Easterly said in a statement, as reported by CNBC.