- In milestone, SpaceX 'catches' megarocket booster after test flight
- In a first, SpaceX 'catches' megarocket booster after test flight
- Bangladeshi Hindus shrug off attack worries to celebrate festival
- Ubisoft fears assassin's hit over falling sales
- Vietnam, China hold talks on calming South China Sea tensions
- SpaceX will try to 'catch' giant Starship rocket shortly before landing
- Japan's former empress Michiko discharged after surgery: reports
- Japan's former empress Michiko discharged after surgey: reports
- 'Little Gregory' murder haunts France 40 years on
- Tariffs, tax cuts, energy: What is in Trump's economic plan?
- Amazon wants to be everything to everyone
- Jewish school in Canada hit by gunfire for second time
- With medical report Harris seeks to play health card against Trump
- China-EU EV tariff talks in Brussels end with 'major differences': Beijing
- Buried Nazi past haunts Athens on liberation anniversary
- Harris to release medical report confirming fitness for presidency: campaign
- Nobel prize a timely reminder, Hiroshima locals say
- China offers $325 bn in fiscal stimulus for ailing economy
- Small Quebec company dominates one part of NHL hockey: jerseys
- Boeing to cut 10% of workforce as it sees big Q3 loss
- Want to film in Paris? No sexism allowed
- US, European markets rise as investors weigh rates, earnings
- In Colombia, children trade plastic waste for school supplies
- JPMorgan Chase profits top estimates, bank sees 'resilient' US economy
- Little progress at key meet ahead of COP29 climate summit
- 'Party atmosphere': Skygazers treated to another aurora show
- Kyrgyzstan opens rare probe into glacier destruction
- European Mediterranean states discuss Middle East, migration
- Thunberg leads pro-Palestinian, climate protest in Milan
- Stock markets diverge before China weekend briefing
- EU questions shopping app Temu over illegal products risk
- Han Kang's books sell out in South Korea after Nobel win
- Shanghai markets sink ahead of briefing on mixed day for Asia
- Investors, analysts eye bigger China stimulus at Saturday briefing
- Musk unveils robotaxi, pledges it 'before 2027'
- At least 11 dead in Florida but Hurricane Milton not as bad as feared
- Asian markets mixed after Wall St drop, Shanghai dips before briefing
- Automaker Stellantis says CEO will retire in 2026
- Musk's promised robotaxi unveil delayed
- On US coast, wind power foes embrace 'Save the Whales' argument
- At least 10 dead in Florida after Hurricane Milton spawns tornadoes
- Internet Archive reels from 'catastrophic' cyberattack, data breach
- Wall Street stocks retreat from records on US inflation data
- Israel strikes central Beirut, killing 22
- Solar storm could impact US hurricane recovery efforts: agency
- Delta eyes Election Day travel pullback as profits climb
- Florida battered by hurricane, floods but spared 'worst-case scenario'
- UK's William and Kate in first joint public engagement since cancer treatment
- Over 200 women in legal talks with Harrods over Fayed abuse claims
- A very stiff breeze: BBC says sorry for 20,000 kph wind forecast
US, Microsoft warn Chinese hackers attacking 'critical' infrastructure
State-sponsored Chinese hackers have infiltrated critical US infrastructure networks, the United States, its Western allies and Microsoft said Wednesday while warning that similar espionage attacks could be occurring globally.
Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets, but said "malicious" activity had also been detected elsewhere in the United States.
It said the hacking, dubbed "Volt Typhoon", had started in mid-2021 and was likely aimed at hampering the United States if there was conflict in the region.
"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the statement said.
"In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.
"Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible."
Microsoft's statement coincided with an advisory released by US, Australian, Canadian, New Zealand and UK authorities.
They said a "state-sponsored cyber actor" from China was behind Volt Typhoon and that the hacking was likely occurring globally.
"This activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide," the advisory said.
The United States and its allies said the activities involved "living off the land" tactics, which take advantage of built-in network tools to blend in with normal Windows systems.
It warned that the hacking could then incorporate legitimate system administration commands that appear "benign".
-'Highly sophisticated'-
Microsoft said Volt Typhoon tried to blend into normal network activity by routing traffic through compromised small office and home office network equipment, including routers, firewalls and VPN hardware.
"They have also been observed using custom versions of open-source tools," Microsoft said.
Microsoft and the security agencies released guidelines for organisations to try and detect and counter the hacking.
The director of the US Cybersecurity and Infrastructure Security Agency, Jen Easterly, also released a warning related to Volt Typhoon.
"For years, China has conducted operations worldwide to steal intellectual property and sensitive data from critical infrastructure organizations around the globe," Easterly said.
"Today's advisory, put out in conjunction with our US and international partners, reflects how China is using highly sophisticated means to target our nation's critical infrastructure.
"This joint advisory will give network defenders more insights into how to detect and mitigate this malicious activity."
China offered no immediate response to the allegations. But it routinely denies carrying out state-sponsored cyber attacks.
China in turn regularly accuses the United States of cyber espionage.
While China and Russia have long targeted critical infrastructure, Volt Typhoon offered new insights into Chinese hacking, according to John Hultquist, chief analyst at US cybersecurity company Mandiant.
"Chinese cyberthreat actors are unique among their peers in that they have not regularly resorted to destructive and disruptive cyberattacks," he said.
"As a result, their capability is quite opaque.This disclosure is a rare opportunity to investigate and prepare for this threat."
L.Peeters--CPN