The United States Navy was one of the victims of a cyberattack conducted by a Chinese government hacking group discovered earlier this year by Microsoft, Secretary of the Navy Carlos Del Toro revealed on Thursday.
According to CNBC, Del Toro said the Navy “has been impacted” by the cyberattacks that Microsoft said also involved installing a malicious computer code in telecommunications systems in Guam and other U.S. locations.
Del Toro noted it was “no surprise that China has been behaving in this manner, not just for the last couple years, but for decades.”
Del Toro’s revelations come after the Microsoft executive who oversees the company’s threat intelligence unit, Tom Burt, said Microsoft analysts discovered mysterious code in February, according to The New York Times.
The invasive code was installed in secret through routers and other internet-connected consumer devices, the Times reported, making the hack difficult to detect.
The National Security Agency, along with five partner agencies, released the “People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection” Cybersecurity Advisory (CSA) “to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon.”
“For years, China has conducted operations worldwide to steal intellectual property and sensitive data from critical infrastructure organizations around the globe,” CISA Director Jen Easterly said in a statement. “Today’s advisory, put out in conjunction with our US and international partners, reflects how China is using highly sophisticated means to target our nation’s critical infrastructure.”
“This joint advisory will give network defenders more insights into how to detect and mitigate this malicious activity,” Easterly continued. “At the same time, we must recognize the agility and capability of PRC cyber actors, and continue to focus on strong cybersecurity practices like network segmentation and ongoing investments in promoting the resilience of critical functions under all conditions. As our nation’s cyber defense agency, CISA stands ready to aid any organization affected and we encourage all organizations to visit our webpage for guidance and resources to make their networks more resilient.”
This was a breaking news story. The details were periodically updated as more information became available.
