Microsoft said on Wednesday that Chinese state-sponsored hackers attacked “critical” U.S. cyber infrastructure.
“Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States,” Microsoft wrote.
The cyber attack reportedly was carried out by a hacking group called “Volt Typhoon,” which usually focuses on espionage and information gathering.
“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” Microsoft added.
Volt Typhoon, a Chinese state-sponsored actor, uses living-off-the-land (LotL) and hands-on-keyboard TTPs to evade detection and persist in an espionage campaign targeting critical infrastructure organizations in Guam and the rest of the United States. https://t.co/FZxjfiA0Hw
— Microsoft Threat Intelligence (@MsftSecIntel) May 24, 2023
From Microsoft:
Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and