Chinese government hackers have been detected installing mysterious computer code, referred to as a “web shell,” in telecommunications systems in Guam and other parts of the United States. Microsoft and American intelligence agencies attributed the code to a state-sponsored Chinese hacking group known as “Volt Typhoon.”
Why it matters: While the current intrusions appear to be espionage-oriented, the code could potentially enable destructive attacks. The National Security Agency and other agencies from the US, Australia, Britain, New Zealand, and Canada published a joint advisory warning about the Chinese hacking activity. Key points of concern include the vulnerability of home routers, the potential for attacks on critical infrastructure like communications, utilities, maritime operations, and transportation, and the broader threat to national security.
- The incident follows the recent recovery of a Chinese spy balloon off the South Carolina coast, which raised concerns about Chinese intelligence collection efforts and potential disruptions to American communications.
- The focus on Guam, with its strategic military significance in any American response to a Taiwan invasion or blockade, highlights the urgency of addressing cybersecurity vulnerabilities in critical networks.
- Microsoft disclosed details of the code, allowing corporate users and manufacturers to detect and remove it, while the US government issued a joint advisory warning about Chinese hacking activities.