Microsoft has issued a warning stating that Chinese state-sponsored hackers, known as "Volt Typhoon," have successfully compromised critical US cyber infrastructure in various industries, aiming to gather intelligence.
The hackers are focused on disrupting communication infrastructure between the United States and Asia, with the intent of maintaining undetected access for espionage purposes rather than causing immediate disruption.
Impacted organisations are advised to take action by closing or changing compromised account credentials.
Microsoft has said that a relentless campaign of cyber attacks on crucial US infrastructure has been orchestrated by Chinese state-sponsored hackers.
Operating under the codename "Volt Typhoon" since mid-2021, the audacious group has successfully breached multiple industries, with their primary focus centered on intelligence gathering, Microsoft said.
The ongoing assault aims to disrupt vital communications infrastructure between the United States and Asia, hampering response efforts during potential future crises.
Microsoft urgently advises impacted entities to fortify their defenses by swiftly closing or changing compromised account credentials. Exploiting a clandestine vulnerability within the widely-used FortiGuard cybersecurity suite, Volt Typhoon infiltrates corporate systems, pilfering user credentials to infiltrate other crucial networks.
Rather than causing immediate chaos, their insidious intent lies in conducting covert espionage and stealthily maintaining access for extended periods without detection.
Microsoft warns that the impact of these attacks has reverberated throughout numerous critical sectors, encompassing communications, transportation, maritime industries, and even government organisations.
The hackers continue to pose a persistent threat to US companies, with a history of targeting critical and sensitive information. In 2020, prominent law firm Covington and Burling fell victim to suspected Chinese government-backed hackers. This concerning trend prompted a joint statement by the Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with international and domestic intelligence services, highlighting the ongoing risk Chinese attacks pose to American intellectual property.
“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe,” CISA director Jen Easterly said in a statement.