US-China trade barbs on disinformation cyberscape

May 25, 2023 - 21:30

China and the US have been going at each other in the tech space for quite some time. Now, a misinformation war between the two countries has reached an all-time high, with each accusing the other of trying to sabotage its national infrastructure.

Microsoft has warned that Chinese state-sponsored hackers have compromised “critical” US cyberinfrastructure across numerous industries with a focus on gathering intelligence. The Chinese hacking group, codenamed “Volt Typhoon,” has operated since mid-2021 and is apparently working to disrupt “critical communications infrastructure between the United States and Asia,” Microsoft said, to stymie efforts during “future crises.”

The attack is apparently ongoing. In an advisory, Microsoft urged impacted customers to “close or change credentials for all compromised accounts.”

Microsoft and NSA warn against China
The National Security Agency put out a bulletin on Wednesday detailing how the hack works and how cybersecurity teams should respond. US intelligence agencies became aware of the incursion in February, around the same time that a Chinese spy balloon was downed, the New York Times reported.

The infiltration was focused on communications infrastructure in Guam and other parts of the US, the Times reported, and was particularly alarming to US intelligence because Guam sits at the heart of an American military response in case of a Taiwanese invasion.

China’s Digital Spear – Volt Typhoon
Volt Typhoon is able to infiltrate organizations using an unnamed vulnerability in a popular cybersecurity suite called FortiGuard, Microsoft said. Once the hacking group has gained access to a corporate system, it steals user credentials from the security suite and uses them to try to gain access to other corporate systems.

According to Microsoft, the state-sponsored hackers aren’t looking to create disruption yet. Rather, “the threat actor intends to perform espionage and maintain access without being detected for as long as possible.” Infrastructure in nearly every critical sector has been impacted, including the communications, transport, and maritime industries. Government organizations were also targeted.

Chinese government-backed hackers have targeted critical and sensitive information from US companies before. Covington and Burling, a prominent law firm, was hacked by suspected Chinese state-sponsored hackers in 2020.

In a joint statement with international and domestic intelligence services, the Cybersecurity and Infrastructure Security Agency warned that Chinese attacks pose a continued risk to American intellectual property.

“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe,” CISA director Jen Easterly said in a statement.

Chinese hacker, living off the land, infecting the same
In another statement, Rob Joyce, cyber security director of the US National Security Agency, said: “A PRC state-sponsored actor is living off the land, using built-in network tools to evade our defences and leaving no trace behind. That makes it imperative for us to work together to find and remove the actor from our critical networks.”

For those who are unaware, “living off the land” refers to a cyber attack that uses legitimate, preinstalled tools and programmes to carry out a hack, making it far more difficult to detect than traditional malware attacks, which rely on the victim downloading already infected files.

China responds to accusations of hacking US infrastructure
For their part, the Chinese not only denied the allegations but also made an accusation of their own, claiming that the United States and its allied nations were actively involved in a “disinformation campaign.” This accusation came shortly after Washington, along with its European partners and Microsoft, made statements against China, claiming the vulnerabilities in their systems were due to state-sponsored Chinese hackers.

A spokeswoman for China’s Foreign Ministry, Mao Ning, criticized the report, dismissing it as highly unprofessional and lacking a coherent chain of evidence, referring to it as mere cut-and-paste work. Mao further characterized these allegations as part of a collective disinformation campaign orchestrated by the Five Eyes coalition countries, namely the United States, the United Kingdom, Canada, Australia and New Zealand.

The claims made by the United States and its allies in the Five Eyes security alliance, consisting of Australia, Canada, New Zealand, and the United Kingdom, echoed the allegations, despite Beijing’s denial of involvement.

Mao asserted that the United States was actively exploring new avenues to disseminate disinformation. However, she argued that no change in tactics could alter the fact that the US remained a dominant force in the realm of hacking activities, referring to it as a “hacker empire.”
