(WASHINGTON) The United States and its Western allies have accused a Chinese-sponsored “cyber actor” of infiltrating American “critical infrastructure,” allegations Beijing has strongly denied and denounced Thursday as a “disinformation campaign.”
In a joint advisory report, cybersecurity authorities in the United States, Canada, the United Kingdom, Australia and New Zealand warned of a malicious “range of activities” linked to “a state-sponsored cyber actor of the People’s Republic of China, also known as Volt Typhoon”.
“This activity affects the networks of critical infrastructure sectors in the United States,” and the entity carrying out the attack “could apply the same techniques.” […] around the world “.
Beijing defeated the charges on Thursday.
Mao Ning, a spokeswoman for the Chinese Foreign Ministry, responded during a regular press conference: “This is a report with serious flaws and very unprofessional.”
And she continued, “It is clear that this is a collective disinformation campaign by the countries of the Five Eyes coalition, launched by the United States for geopolitical purposes.”
The Five Eyes coalition is a collaborative intelligence network that includes Australia, the United States, Canada, the United Kingdom and New Zealand – countries that often have conflicts with China, to varying degrees.
In a separate communique, the American group Microsoft has explained that the Volt Typhoon is active in mi-2021 and that it is a cable, among other, essential infrastructures in Guam, which is an important American military base in Guam. ‘The Pacific Ocean.
Microsoft warned that this campaign risks “disrupting critical communications infrastructure between the US and the Asian region in future crises.”
“As everyone knows, the Five Eyes Alliance is the world’s largest intelligence organization and the (US) National Security Agency is the world’s largest hacking organization,” Mao Ning said.
“The fact that they are collaborating to publish such a disinformation report is in itself a paradox.”
The National Security Agency, often denounced by Beijing, was made famous by one of the former computer scientists, the American Edward Snowden, who revealed the existence of a US system of global surveillance of communications and especially the Internet.
According to the concerned Western security agencies, the attacks significantly use the “Live from the Land” (LotL) tactic, in which the attacker uses the characteristics and tools of the system it targets to break into the interior without leaving any traces.
“This is what I would call low and slow cyber activity,” says Alastair McGibbon, chief strategy officer at Australian firm CyberCX and former director of the Australian Cyber Security Centre.
“It’s like someone wearing a camouflage jacket and a sniper rifle. We don’t see him, he’s not there.”
Once inside, this expert says, hackers can steal information. But it also gives them the opportunity to carry out destructive actions at a later stage. »
In particular, an attacker can use legitimate administrative tools to infiltrate the system and insert malicious scripts or code. This type of infiltration is much more effective than those using malware, which can be detected more easily.
The director of the US Cybersecurity and Infrastructure Security Agency, Gene Easterly, also issued a warning against the Volt Typhoon.
For years, China has conducted operations around the world stealing intellectual property and sensitive data from critical infrastructure organizations.I east.
She added that the Volt Typhoon case “shows that China uses highly sophisticated means to target our country’s critical infrastructure.”
China regularly claims to be the victim of many of the same cyberattacks.
In September, the United States in particular was accused of leading “tens of thousands” against its interests, some of which, she said, allowed sensitive data to be stolen, notably from a Chinese research university.
“Food trailblazer. Passionate troublemaker. Coffee fanatic. General analyst. Certified creator. Lifelong music expert. Alcohol specialist.”