Cyber warfare: Volt Typhoon's blow to USA security

The Chinese government-backed Volt Typhoon cyber-gang has carried out a series of cyber attacks on US networks, intending to disrupt lines of communication between Washington and Asia. Such activity has been reported by the United States and Microsoft, and below we present the known details and potential repercussions of such actions.

Volt Typhoon, a cybercriminal group linked to the Chinese government, has targeted critical US infrastructure, potentially setting the stage for disrupting critical communications between the US and Asia in future crisis situations. As reported by Microsoft, this group of hackers, generally focused on espionage and data collection activities, attacked institutions located in Guam, an area where the United States has a significant military presence.

Volt Typhoon hackers reportedly aim to maintain constant and penetrating access into various industries, including telecommunications, manufacturing, utilities, transportation, construction, marine, information technology, and education.

Microsoft specified that the Volt Typhoon group has been in action since mid-2021 and focuses on the vital infrastructure of Guam, a strategic American military point in the Pacific Ocean. Microsoft further noted that “The Volt Typhoon campaign is working to develop capabilities that could compromise critical communications infrastructure between the United States and Asia during future crisis events. The observed behavior suggests that the threat actor intended to eavesdrop and keep access undetected for as long as possible."

Guam, a US territory since 1898, is strategically located in the Western Pacific. It is a major naval and air base, deploying some 6,000 troops, and controls 40% of the territory.

Separately, security agencies from various countries, including the US National Security Agency, the FBI, the Cyber and Infrastructure Security Agency, along with their counterparts in Australia, New Zealand, Canada and Great Britain, have issued a joint warning, sharing technical details about "the group's recently discovered activities." They warned that similar activity could manifest globally and that spying activity could be hidden within Windows systems.