The hacking group, known as Volt Typhoon, embedded malware within privately-owned, small office and home office routers as part of a campaign to target critical infrastructure in the U.S. and elsewhere, officials said. The attackers focused their efforts on water treatment plants, oil and natural gas pipelines, transportation systems and parts of the power grid, according to FBI Director Christopher Wray. (Wikimedia Commons)
A court-authorized operation had disrupted a Chinese state-sponsored hacking operation in which spies hijacked a large network of devices in the U.S., officials from the Federal Bureau of Investigation and the U.S. Department of Justice said on Wednesday.
The hacking group, known as Volt Typhoon, embedded malware within privately-owned, small office and home office routers as part of a campaign to target critical infrastructure in the U.S. and elsewhere, officials said. The attackers focused their efforts on water treatment plants, oil and natural gas pipelines, transportation systems and parts of the power grid, according to FBI Director Christopher Wray.
The routers were vulnerable because they had reached “end of life” status, meaning they could no longer administer software updates. The operation deleted the malware from the routers and severed their connection to the rest of the network of hacked devices, the DOJ said in a statement.
Reuters previously reported on the U.S. operation.
The announcement Wednesday took place as senior administration officials appeared before a congressional hearing to warn about China’s growing cyber prowess.
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray said in prepared remarks.
In May last year, Microsoft Corp. said Volt Typhoon had gained access to infrastructure organizations in Guam and elsewhere in the U.S., with the likely goal of disrupting critical communications. The group had been active since mid-2021, targeting organizations that span manufacturing, construction, maritime, government, information technology and education, Microsoft said at the time. It notified targeted or compromised customers after assessing with “moderate confidence” that the hacks were being carried out in preparation to upend communications during a future crisis.
More stories like this are available on bloomberg.com
©2024 Bloomberg L.P.
