Jan 1, 2025
China-Backed Hackers Targeted US Treasury, Says US Government
The US Treasury Department has publicly stated it was targeted by a cyberattack attributed to hackers sponsored by the Chinese state, escalating tensions in the cyber domain.
seen from Türkiye
seen from Netherlands
seen from United Kingdom
seen from United Kingdom
seen from United Kingdom
seen from United States
seen from Türkiye
seen from Australia
seen from Singapore
seen from United States
seen from China
seen from United Kingdom
seen from Serbia
seen from Poland
seen from China
seen from United States
seen from Germany
seen from Germany
seen from United States
seen from United Kingdom
China-Backed Hackers Targeted US Treasury, Says US Government
The US Treasury Department has publicly stated it was targeted by a cyberattack attributed to hackers sponsored by the Chinese state, escalating tensions in the cyber domain.
https://bit.ly/3MWDHtZ - 🔍 Microsoft has revealed a broad hacking campaign believed to be conducted by Chinese state-sponsored hackers, named "Volt Typhoon." This group has targeted critical infrastructure systems in the US and Guam since 2021, infiltrating sectors like communications, manufacturing, utilities, construction, and transportation. While the group hasn't been seen conducting data destruction or offensive attacks, the risk of such actions remains given the vital nature of their targets. #CyberSecurity #StateSponsoredHacking 🕵️ Volt Typhoon's intentions are believed to be espionage, as they strive to maintain undetected access to these networks as long as possible. This access could potentially disrupt critical communications infrastructure between the US and Asia during future crises, further elevating the risks associated with this group. Google-owned cybersecurity firm, Mandiant, also echoes these concerns, suggesting the group's focus on critical infrastructure might be preparation for a potential disruptive or destructive attack. #Espionage #ThreatIntelligence 💻 The hackers' approach involves using compromised routers, firewalls, and other network edge devices as proxies for their activities. The group often exploits compromised accounts of legitimate users, making their activity harder to detect by seeming benign. Their focus on adaptation and blending in with a target's regular network traffic are hallmarks of their approach, marking a continued evolution of state-sponsored cyber espionage tactics. #CyberEspionage #CyberWarfare 🚨 US Government agencies like the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Justice Department, along with intelligence partners from Canada, the UK, and Australia, have issued a joint advisory about Volt Typhoon's activities. The advisory notes that this group's activity affects networks across US critical infrastructure sectors and could apply the same techniques globally. #NationalSecurity #CyberThreat 🔌 Historically, Chinese state-sponsored hackers have infiltrated US critical infrastructure systems, as seen as early as 2009 when US intelligence officials warned about Chinese cyberspies penetrating the US power grid. However, distinguishing between espionage, cyberattack preparation, and an imminent cyberattack remains challenging due to the ambiguity and potential for misinterpretation. This opacity adds to the complexity of the cyber warfare landscape and the importance of continuous vigilance and defense.