Chinese hackers seek to disrupt U.S.-Asian communications amid crisis, Microsoft says

(CNN) — Chinese government-backed hackers are likely seeking computer capabilities that could be used to “disrupt critical communications” between the United States and the Asia-Pacific region in the event of a future US-China crisis, Microsoft warned on Wednesday.

Chinese hackers have been active since mid-2021 and have been targeting critical infrastructure organizations in the US territory of Guam and elsewhere in the United States in a stealth spying and intelligence-gathering campaign, it said. Microsoft in a new report. Organizations targeted by hackers span the maritime, transportation, communications, utilities, and public administration sectors, among others.

In another notice released Wednesday, the FBI, National Security Agency and other US and Western security agencies said they believe Chinese hackers could apply the same stealth techniques against critical sectors “around the world”. .

Beijing hit back at the accusations on Thursday, calling them a “Five Eyes coalition’s collective disinformation campaign,” referring to the intelligence-sharing group made up of the United States, Britain, Canada, Australia and of New Zealand, whose safety agencies jointly issued the notice.

“The United States is expanding new channels to spread disinformation. This is not the first time, nor the last,” said Mao Ning, spokesperson for China’s Foreign Ministry.

Microsoft’s findings — and the resulting reaction — underscore the key role cyber operations could play in current and future energy competition and territorial disputes between the United States and China in the Pacific.

China has become increasingly aggressive in the region in recent years, including militarizing islands to assert its claims in the South China Sea, in what US officials see as alarming expansionism on the part of Beijing.

Microsoft declined to comment beyond those posted to its blog on Wednesday when asked by CNN for specific information to support the tech company’s conclusion that Chinese hackers were preparing disruptive capabilities for future crises.

The Chinese Embassy in Washington also disputed the charges.

“The US side’s accusation that the Chinese government is ‘supporting piracy’ completely misrepresents the truth,” embassy spokesperson Liu Pengyu said in an email questioned by Microsoft late Wednesday.

US authorities often cite China as the most persistent and prolific hacking threat facing the United States.

Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, said in February that Chinese hackers too often infiltrate US organizations “without being identified or deterred”.

US authorities also fear Chinese hackers have gained a foothold in critical infrastructure in Taiwan that Beijing could use to disrupt key services such as electricity in the event of a Chinese invasion of Taiwan, a senior US official said in March. of the defense.

The defense official, speaking on condition of anonymity, compared China’s investigation into Taiwanese infrastructure to how Russia previously used its hackers to break into Ukraine’s electricity sector. According to the US Department of Justice and private experts, Russian military hackers knocked out power twice in Ukraine in landmark attacks in 2015 and 2016.

“Over the past decade, Russia has attacked various sectors of critical infrastructure in operations that we believe were not designed to have an immediate effect,” said John Hultquist, the firm’s chief analyst. Mandiant Security, owned by Google. “China has done the same thing in the past, targeting the oil and gas sector.”

“Chinese cyber threat actors are unique among their peers in that they do not routinely resort to destructive and disruptive cyber attacks,” Hultquist said. Microsoft’s report “is a rare opportunity to investigate and prepare for this threat.”

— CNN’s Beijing bureau contributed to this report.

You may also like...