Posted on May 28, 2023 at 8:15 AM

Chinese Hackers Behind A Hacking Breach Against The US Navy

Chinese hackers have been attributed to a hacking breach targeting the US Navy. The breach was part of a broader hacking campaign targeting the Pacific region. According to cybersecurity researchers, the goal of the threat actors is to disrupt communications within the Pacific region as a possible crisis looms.

Chinese hackers target the US Navy

The hacking campaign was confirmed by US navy secretary Carlos Del Toro during an interview with CNBC last week. The secretary admitted that the US Navy was affected by a Chinese state-sponsored hacking group known as Volt Typhoon.

The Volt Typhoon hacking group has been associated with a wide range of hacking campaigns against the government, communications, manufacturing, and IT institutions. The hacking group was named by Microsoft, which also issued a warning about the breaches that were being conducted.

According to Microsoft, the hacking group obtained access to targets based in Guam and the United States. The hackers were targeting the key military operations of the US in the Pacific region.

The warning that was conducted by Microsoft on Wednesday coincided with other reports released by intelligence agencies such as the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the cybersecurity agencies from four other nations that have also reported this hacking activity.

The warnings that were released by the agency have also issued an alert to the corporate and public agencies that were targeted by a sophisticated Chinese state-backed hacking group. The group managed to exploit a vulnerability successfully, leading to the breach. The flaw in question was located within a popular cybersecurity system.

The warning that was released by Microsoft said that it had “moderate confidence” that the breaches in question were conducted on readiness to upend communications in case a crisis was to happen in the future.

The disclosure that was released by the company on the matter came as concerns continued to increase around China and Taiwan. There have been reports that China might take military action to enforce its claim to the self-ruled island of Taiwan. The tensions between China and Taiwan have been increasing significantly.

The US Navy has yet to issue an official statement admitting to the breach and any action that has been taken. Besides the US National Security Agency, the other institutions that have issued a statement on the matter include Australia, Canada, New Zealand, and the United Kingdom.

The countries whose security agencies have participated in the matter are part of a key intelligence alliance. The alliance participates in sharing cybersecurity information, and it is also known as the Five Eyes.

China denies hacking allegations

China has denied the hacking allegations that were made last week. A spokesperson from the Chinese Foreign Ministry, Mao Ning, has commented on the development saying that the report shared by security agencies on the matter was unprofessional, adding that it contained a broken chain of evidence.

“Apparently, this has been a collective disinformation campaign launched by the US through the Five Eyes to serve its geopolitical agenda. It’s widely known that the Five Eyes is the world’s biggest intelligence association, and the NSA the world’s biggest hacking group,” the statement from Ning said.

The reason by the tech giant Microsoft, the US, and its allies made a decision to shed the limelight on the hacking group last week. One of the reasons why the information might have been shared is to give private companies a chance to take proactive measures and defend themselves from the actions taken by the Chinese hackers.

There is still a possibility that the conflict between China and Taiwan will continue to intensify in the future. The chief analyst at Mandiant Intelligence, John Hultquist, said that it was likely that the authorities wanted to help private companies take the necessary measures before the full intention of the hackers is realized.

Hultquist said that the issue of protecting critical infrastructure from major cyberattacks was the responsibility of the private sector. This sector needs to defend itself against these hackers. Therefore, it was important that the intelligence regarding the hacking activity became accessible to the right people.

The details pertaining to these attacks have shed rare light on the potential sabotage efforts by Chinese hackers. While Chinese hackers have been attributed to several activities, information on the matter has been limited. On the other hand, Russian hackers have more popularity.

Cybersecurity analyst believes that this organization has been around for a long. They believe that the group is now advancing its activities, given that it has now focused on targeting military institutions.