Microsoft says Chinese malware hits systems in US' Guam

Technology Thursday 25/May/2023 08:23 AM

New York: American intelligence agencies and Microsoft have detected mysterious computer code that has been popping up in telecommunications systems in Guam and elsewhere in the United States. Microsoft says the code was installed by a Chinese government hacking group, The New York Times reported.

This raises alarms because Guam, with its Pacific ports and vast American air base, would be a centerpiece of any American military response to an invasion or blockade of Taiwan. According to The New York Times, the code was installed with great stealth, sometimes flowing through routers and other common internet-connected consumer devices to make the intrusion harder to track.

Microsoft and the National Security Agency were set on Wednesday to publish details of the code that would make it possible for corporate users, manufacturers and others to detect and remove it.

The code is called a "web shell," in this case a malicious script that enables remote access to a server. Home routers are particularly vulnerable, especially older models that have not received updated software and protections, according to The New York Times.

Microsoft called the hacking group "Volt Typhoon". The company said it was part of a state-sponsored Chinese effort aimed at not only critical infrastructure such as communications, electric and gas utilities, but also maritime operations and transportation.

The intrusions appeared, for now, to be an espionage campaign. But the Chinese could use the code, which is designed to pierce firewalls, to enable destructive attacks, if they choose.

According to Microsoft, there is no evidence that the Chinese group has used the access for any offensive attacks. Unlike Russian groups, the Chinese intelligence and military hackers usually prioritize espionage.

In interviews, administration officials said they believed the code was part of a vast Chinese intelligence collection effort that spans cyberspace, outer space and, as Americans discovered with the balloon incident, the lower atmosphere, as per The New York Times.