Volt Typhoon and other Chinese groups accused of hacking the US and others

/in


[1/2] U.S. and Chinese flags are seen in this illustration taken, January 30, 2023. REUTERS/Dado Ruvic/Illustration

SINGAPORE, May 25 (Reuters) – Chinese hacking teams have been blamed by Western intelligence agencies and cybersecurity groups for digital intrusion campaigns across the world, targeting everything from government and military organisations to corporations and media groups

Cybersecurity firms believe many of those groups are backed by China’s government. U.S.-based Mandiant has said some Chinese hacking groups are operated by units of China’s army.

China’s authorities have consistently denied any form of state-sponsored hacking, saying China itself is a frequent target of cyberattacks. It has dubbed the U.S. National Security Agency (NSA) as “the world’s largest hacker organisation”.

Some of the biggest Chinese hacking teams identified by intelligence agencies and cybersecurity groups are:

‘VOLT TYPHOON’

Western intelligence agencies and Microsoft (MSFT.O) said on May 24 that Volt Typhoon, a group they described as state-sponsored, had been spying on a range of U.S. critical infrastructure organisations, from telecommunications to transportation hubs.

They described the attacks in 2023 as one of the largest known Chinese cyber-espionage campaigns against American critical infrastructure.

China’s foreign ministry described the reports as part of a U.S. disinformation campaign.

‘BACKDOORDIPLOMACY’

Palo Alto Networks, a U.S. cybersecurity firm, says its research showed BackdoorDiplomacy has links to the Chinese state and is part of the APT15 hacking group.

A Reuters report in May identified BackdoorDiplomacy as being behind a widespread series of digital intrusions over several years against key Kenyan ministries and state institutions. The Chinese authorities said it was not aware of such hacking and described the accusations as baseless.

APT 41

Chinese hacking team APT 41, which is also known as Wintti, Double Dragon and Amoeba, has conducted a mix of government-backed cyber intrusions and financially motivated data breaches, according to U.S.-based cybersecurity firms FireEye and Mandiant.

The U.S secret service said the team had stolen U.S. COVID relief benefits worth tens of…

Source…