NewsNationalScripps News


Chinese hackers threaten US cybersecurity

Chinese hackers reportedly tried to disrupt communications between the U.S. and its Five Eyes allies — Canada, New Zealand, Australia and the U.K.
Chinese hackers threaten US cybersecurity
Posted at 11:17 AM, May 25, 2023

Critical online spaces in the U.S. are being jeopardized Thursday morning by Chinese hackers. 

Microsoft reports a state-run group is threatening critical parts of the country's cyberinfrastructure. Early analysis indicates their goal is espionage. 

Many fear these attacks could turn to a global threat, with the U.S. government already warning they pose a growing risk to Americans' intellectual property. 

There are three U.S. military bases on Guam, which is in a strategic part of the Indo-Pacific, should the Chinese Communist Party look to attack Taiwan, or provide some type of blockade through Taiwan. The general thinking is that Chinese hackers tried to disrupt communications from the U.S. and its Five Eyes allies. That partnership includes the U.K., Canada, New Zealand and Australia. So, this is a strategic military base, and the strategic disruption from communications could have severe consequences in terms of the ability of the U.S. military to to communicate with its allies in that region at a time in which China is increasingly growing aggressive in Taiwan.

The so-called Vault Typhoon Chinese espionage group is blamed for trying to infect the critical U.S. cyberinfrastructure, laying the groundwork to hurt communications between the U.S. and Asia, and its Five Eyes partners. The tactics they're using are making an intrusion hard to detect; they've had strength in terms of how they have tried to shield the way that they've done this — which has been going on since 2001. 

In a statement, Cybersecurity and Infrastructure Security Agency Director Jen Easterly said, "For years, China has conducted aggressive cyberoperations to steal intellectual property and sensitive data from organizations around the globe."

SEE MORE: Microsoft: State-backed Chinese hackers could be ready for disruption

There's another part of the story that's crucial: the public-private partnership element of the U.S. government, as well as its ability to work with companies like Microsoft. 

Microsoft shared a statement talking about the disruption that the Chinese espionage did, in fact, conduct. The ability for the U.S. government to work with prominent U.S.  tech companies like Microsoft is also at the forefront of this at a time in which there's growing geopolitical risk because of the Chinese Communist Party's continued actions, insinuating that they're going to cause some type of disruption against Taiwan.

Jamil Jaffer is the founder and executive director of the National Security Institute at George Mason University's Law School. He's also a venture partner at Paladin Capital Group. He says Thursday morning's data breach is a significant threat and what's interesting out about this particular hack is that the Chinese have come in through in a variety of new methods. 

"They've been looking at small and home office routers, which is the kind of thing that a lot of us have in our homes," Jaffer explained. "In addition, they've exploited the Microsoft infrastructure — so, the Microsoft active directory system, the way Microsoft logs people in, has been exploited by the Chinese to get long-term access. They're able to create their own user accounts and hide inside the systems the same way the Russians did in the SolarWinds hack."

Jaffer says what makes this infrastructure breach so dangerous is that it's hard to get the hackers out once they're inside the system in that way. He warns that when you see an alert coming from the National Security Agency, CISA or our global partners that you take action. He also called on companies to invest in cybersecurity software to get ahead of the problem and protect themselves from hacking. 

Trending stories at