
China-linked hackers target US infrastructure for over five years

China-backed hackers have been infiltrating major U.S. critical infrastructure sectors for “at least five years,” an intelligence advisory revealed today. This campaign, detailed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the NSA, and the FBI, underscores a bold shift in China’s cyber operations strategy, which now extends beyond traditional espionage to potentially seizing control of vital U.S. systems.

The advisory sheds light on the activities of the China-associated hacking group, Volt Typhoon, which has systematically targeted and gained prolonged access to networks within critical sectors, including water, transportation, energy, and communications. By exploiting vulnerabilities in routers, firewalls, and VPNs, and leveraging stolen administrator credentials, Volt Typhoon has not only infiltrated but also maintained its foothold within these essential systems for years.

One alarming capability of Volt Typhoon is its control over surveillance camera systems of some victims, which, combined with its sustained network access, could enable the group to disrupt critical controls in energy and water facilities. The use of “living off the land” techniques by the group — utilizing built-in tools to minimize detection — further complicates efforts to identify and mitigate these threats.

International concerns and defensive measures

The advisory, which also drew contributions from authorities in Canada, Australia, and New Zealand, highlights a growing international concern over China’s cyber activities. The collaborative warning points to a broader pattern of targeting by China, not limited to the U.S. but extending to other allied nations as well.

This revelation comes amid heightened U.S. apprehensions that China might initiate destructive cyberattacks in the context of escalating tensions over Taiwan. Previous alerts from Microsoft and the U.S. government have indicated Volt Typhoon’s strategic positioning to attack U.S. infrastructure, including water utilities and ports. Although recent efforts have thwarted the group’s immediate access, officials caution that Volt Typhoon remains determined to find alternative entry points.

The advisory underscores the systemic vulnerabilities plaguing U.S. critical infrastructure, from inadequate password management and security update protocols to financial constraints hindering security improvements in sectors like water systems. Legal obstacles have further impeded government efforts to mandate cybersecurity audits.

In response to these China-backed hackers, U.S. cyber defense agencies are urging infrastructure operators to strengthen their security postures. Recommended measures include applying software updates to all internet-facing systems, enabling multi-factor authentication, and activating activity logs to monitor for suspicious behavior.


Maxwell Nelson
Tech Journalist

Maxwell Nelson, a seasoned journalist and content strategist, has contributed to industry-leading platforms, weaving complex narratives into insightful articles that resonate with a broad readership.
