China Acknowledges Role in Volt Typhoon Cyberattacks on U.S. Infrastructure

Discover how China admitted to conducting Volt Typhoon cyberattacks on U.S. infrastructure, highlighting escalating cyber warfare tensions.

TL;DR

China has reportedly admitted to conducting the Volt Typhoon cyberattacks on U.S. infrastructure during a secret meeting in Geneva. The admission was indirectly made in response to U.S. support for Taiwan. The Volt Typhoon campaign, active since mid-2021, targeted critical infrastructure sectors including communications, manufacturing, and government.

Main Content

China Admits to Volt Typhoon Cyberattacks on U.S. Infrastructure

China has reportedly acknowledged its role in the Volt Typhoon cyberattacks on U.S. infrastructure during a secret meeting with U.S. officials, as reported by the Wall Street Journal.

During a December summit in Geneva, Chinese officials made ambiguous remarks that were interpreted by the U.S. delegation as a tacit admission of involvement in the cyberattacks. These attacks were reportedly linked to U.S. support for Taiwan.

“During the half-day meeting in Geneva, Wang Lei, a top cyber official with China’s Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.’s military backing of Taiwan, an island Beijing claims as its own, according to current and former U.S. officials familiar with the conversation,” states the WSJ. “Wang or the other Chinese officials didn’t directly state that China was responsible for the hacking, the U.S. officials said. But American officials present and others later briefed on the meeting perceived the comments as confirmation of Beijing’s role and was intended to scare the U.S. from involving itself if a conflict erupts in the Taiwan Strait.”

The Geneva summit also revealed China’s aggressive Salt Typhoon cyber operations, which targeted telecom networks like AT&T and Verizon, spying on unencrypted calls and texts of political figures. While the focus shifted to Volt Typhoon attacks on infrastructure, the tacit admission highlighted China’s willingness to use cyber capabilities to warn the U.S. over Taiwan.

In May 2024, Microsoft reported that the Volt Typhoon APT group infiltrated critical infrastructure organizations in the U.S. and Guam without being detected. The group aimed to maintain access for as long as possible to disrupt critical communications infrastructure between the United States and Asia in case of future crises.

The Volt Typhoon group, active since at least mid-2021, has conducted cyber operations against critical infrastructure sectors including communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education. The group primarily uses living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Pierluigi Paganini

(SecurityAffairs - hacking, China)

For more details, visit the full article: source

Conclusion

The admission by China of its role in the Volt Typhoon cyberattacks underscores the escalating tensions in cyber warfare between the U.S. and China. This revelation highlights the critical need for enhanced cybersecurity measures to protect essential infrastructure and national security interests.

This post is licensed under CC BY 4.0 by the author.