Share this article on:
China has responded to the accusations that it was behind a number of critical infrastructure attacks in the US, calling it a disinformation campaign.
The Five Eyes cyber alliance, comprised of Australia, the US, the UK, New Zealand and Canada, said that a Chinese state-backed cyber criminal group known as Volt Typhoon was responsible for a number of attacks on US critical infrastructure after the activity was discovered by Microsoft.
Now, China is hitting back at the blame, with the nation’s foreign ministry spokesperson Mao Ning calling it a scheme by the US to rally the other Five Eyes nations against it.
“Obviously, this is a collective disinformation campaign by the United States to mobilise the Five Eyes countries for geopolitical purposes,” said Mao Ning.
“It is a report that has … a serious lack of evidence and is extremely unprofessional.
“As we all know, the Five Eyes is the world’s largest intelligence organisation and the NSA is the world’s largest hacker organisation, and it is ironic that they have joined forces to issue disinformation reports.”
Microsoft said that Volt Typhoon generally attacks organisations to spy and gain information, but that the most recent activity saw it “pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and [the] Asia region during future crises”.
Mao Ning further critiqued Microsoft’s involvement, saying that it meant that “the US is expanding the channels for spreading disinformation”.
“But no matter how the tactics change, it does not change the fact that the US is the empire of hacking,” she said.
The attacks by Volt Typhoon used living-off-the-land techniques to target a number of US government sectors and critical infrastructure organisations, affecting education, technology, manufacturing and more, all while remaining under the radar.
To do this, the group used stolen credentials and command line instructions, as well as routing commands through SOHO hardware, such as routers and VPN hardware, to launch attacks undetected.
Global chief architect for defence and intelligence at archTIS, Tony Howell, said that simulating ordinary activity is the nature of modern attacks.
“Modern attacks are craftily designed to mimic the actions of valid users and local network traffic, rendering traditional role-based access controls inadequate,” he said.
Prior to the recent accusations, Mao Ning had previously accused the US of hacking it, saying that the NSA was behind an attack on China’s Northwestern Polytechnic University.
“The US side should immediately give an account of the cyber attack instead of spreading false information to divert attention,” she said.