U.S. and allied intelligence agencies released a joint statement on Wednesday, revealing that a Chinese hacker group has been targeting critical U.S. infrastructure for the past five years.
The U.S. National Security Agency, U.S. cyber surveillance agency CISA, the FBI, and the Transportation Security Administration disclosed that the group, known as Bolt Typhoon, has been attacking networks related to airlines, railroads, public transportation, highways, maritime, pipelines, and water and wastewater organizations. The agencies reported that the group had been secretly infiltrating these networks.
Although the statement did not specify the organizations targeted, U.S. intelligence officials noted that the hackers had “maintained access and a foothold in some victims’ IT environments for at least five years.”
The joint statement, co-signed by cybersecurity agencies from the UK, Australia, Canada, and New Zealand, is the latest in a series of warnings from US officials about Bolt Typhoon, which is described as more focused on sabotage than espionage.
The widespread nature of the hack led to meetings between the White House and private technology industry leaders, including telecommunications and cloud computing companies, where the U.S. government sought assistance in tracking the activity.
Prior to the release of the joint statement, Eric Goldstein, a senior CISA official, expressed concerns about malicious cyber activity by Chinese state-backed actors, specifically mentioning Bolt Typhoon. Goldstein stated, “Most of the victims we identify have no legitimate espionage value.”
Source: www.theguardian.com
