Microsoft said Wednesday that state-backed Chinese hackers have been targeting U.S. critical infrastructure, including sites in Guam, where the U.S. has a significant military presence.
The hackers, which Microsoft calls Volt Typhoon, have been active since mid-2021 and seek continued access to organizations in the communications, manufacturing, utility, transportation, construction, maritime, information technology, and education sectors.
Microsoft said the intrusion campaign places a “strong emphasis on stealth” and seeks to blend into regular network activity by hacking small-office network equipment, including routers.
The National Security Agency, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and their counterparts from Australia, New Zealand, Canada, and Britain published a joint advisory sharing technical details on “the recently discovered cluster of activity.”
“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe,” said CISA Director Jen Easterly, urging mitigation of affected networks to prevent possible disruption. Bryan Vorndran, the FBI cyber division assistant director, called the intrusions “unacceptable tactics” in the same statement.
Tensions between Washington and Beijing—which the U.S. national security establishment considers its leading military, economic and strategic rival—have increased in recent months.
Those tensions spiked last year after then-House Speaker Nancy Pelosi visited democratically governed Taiwan, leading China, which claims the island as its territory, to launch military exercises around Taiwan.
U.S.-China relations further strained this year after the U.S. shot down a Chinese spy balloon crossing the United States.
How CEOs should be thinking about the issue:
CEOs should begin implementing strong cybersecurity measures, such as using multi-factor authentication and keeping software current. CEOs should also be prepared to respond to a cyberattack by having a plan to restore operations and communicate with customers and employees.
In addition to taking technical steps, CEOs should also work to build relationships with their counterparts in China. This can help build trust and understanding, making it more difficult for hackers to operate.
Written by
The above article was written, edited, and reviewed with AI assistance by experienced CEO.com journalists and researchers to produce the most accurate and highest-quality information.