The United States (US) has reportedly taken measures to counter a widespread Chinese hacking operation that compromised thousands of internet-connected devices.
Citing two Western security officials and one person familiar with the matter, Reuters reported that the Justice Department and Federal Bureau of Investigation (FBI) secured legal authorization to remotely disable aspects of the Chinese hacking campaign.
In recent months, the US government has launched an operation to fight the extensive Chinese hacking campaign.
US Targets the Volt Typhoon Hacking Group
The hacking group at the center of recent activity, Volt Typhoon, has reportedly raised concerns among intelligence officials for its involvement in a broader effort to compromise Western critical infrastructure, including ports belonging to the navy, internet service providers, and utilities.
Sources told Reuters that the Volt Typhoon campaign was initially revealed in May 2023, but the hackers expanded their operations late last year and modified some of their techniques.
According to Reuters, the scope and severity of the cyberattacks led to several meetings between the White House and private technology industry representatives, including those from telecommunications and cloud computing companies, where the government appealed for assistance in tracking the activity.
National security experts suggest that such breaches could potentially allow China to remotely disrupt vital facilities in the Indo-Pacific region supporting or servicing US military operations. Sources noted that US officials are particularly concerned that the Chinese hackers were working to weaken US readiness in the event of China's invasion of Taiwan.
The Biden administration has been focusing on hacking for fear that some countries may try to interfere with and disrupt the US election in November. Ransomware attacks have also wreaked havoc on Corporate America.
About Chinese 'Volt Typhoon' Hacking Group
Volt Typhoon reportedly operates by taking control of vulnerable digital devices worldwide, such as routers, modems, and internet-connected security cameras, forming a botnet.
According to security experts, this network of compromised systems conceals subsequent attacks on more sensitive targets, making it challenging for cybersecurity defenders to monitor and trace foreign intrusions effectively.
"How it works is the Chinese are taking control of a camera or modem that is positioned geographically right next to a port or ISP (internet service provider) and then using that destination to route their intrusions into the real target... To the IT team at the downstream target it just looks like a normal, native user that's sitting nearby," a former official familiar with the matter told Reuters.
The Justice Department and FBI reportedly declined to comment on these actions, and the Chinese embassy in Washington has not yet responded to the allegations.
In the past, China dismissed hacking allegations, describing them as part of a "collective disinformation campaign" by Five Eyes countries, referring to the intelligence-sharing alliance comprising the US, Canada, New Zealand, Australia, and the United Kingdom.