What we know about China’s hacking of Navy systems


Chinese-backed hackers breached American infrastructure, including technology systems belonging to the U.S. Navy, government officials confirmed this past week. 

Technology company Microsoft first reported on the hack, identifying the group and the techniques used to pull it off. The operation aimed to gain access to communications systems in the United States and U.S. Navy infrastructure on Guam. The island is home to several military installations, including a large contingent of B-52 bombers and U.S. Navy submarines. 

In response, the United States and its allies published a report on how to detect and protect against such intrusions.


Who is behind it?

Microsoft Corp. first reported the apparent hack on Wednesday, May 24. It identified the perpetrators with “moderate confidence” as Volt Typhoon, a “state-sponsored actor based in China that typically focuses on espionage and information gathering.” The group has been active since at least 2021.

In this specific hack, Volt Typhoon used legitimate credentials to gain access to the systems and, once inside, used small-office routers to disguise where the intrusion was coming from. Cybersecurity experts call this approach “living off the land.” The group obtained initial access by targeting Fortinet cybersecurity devices, taking advantage of a flaw in the system to gain credentials.

The Chinese government has denied the allegations, calling them a “collective disinformation campaign” by the countries that make up the Five Eyes intelligence-sharing organization: the United States, United Kingdom, Canada, Australia and New Zealand.

What was affected?

The full extent of the hack is not clear, but the infrastructure targeted “span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors,” Microsoft said.

“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the…
