China has denied allegations by the US government and Microsoft that a state-sponsored hacking group called the Volt Typhoon has infiltrated US critical infrastructure, according to Bloomberg. The country’s National Computer Virus Emergency Response Center called the claims a “political farce” orchestrated by US officials in a new report. It also reportedly cited more than 50 cybersecurity experts who agreed with the agency that there’s no sufficient evidence linking Volt Typhoon to the Chinese government.

Moreover, the Chinese agency said that it’s the US that uses “cyber warfare forces” to penetrate networks and conduct intelligence gathering. It even accused the US of using a tool called “Marble” that can insert code strings in the Chinese and Russian languages to frame China and Russia for its activities.

Microsoft and the National Security Agency (NSA) first reported about Volt Typhoon back in May 2023. They said that the group installed surveillance malware in “critical” systems on the island of Guam and other parts of the US and has had access to those systems for at least the past five years. In February this year, the Cybersecurity and Infrastructure Security Agency (CISA), the NSA and the FBI issued an advisory warning critical infrastructure organizations that state-sponsored cyber actors from China “are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks.”

The US agencies said Volt Typhoon had infiltrated the US Department of Energy, US Environmental Protection Agency, as well as various government agencies in Australia, the UK, Canada and New Zealand. Volt Typhoon doesn’t act like other cyberattackers and espionage groups do. It hasn’t used the malware it installed to attack any of its targets — at least not yet. The group is “pre-positioning” itself so that it can disrupt critical infrastructure functions when it wants to, which the US government believes is “in the event of potential geopolitical tensions and/or military conflicts” with the United States.



Source link