NSA, Microsoft Issue Critical Report on Cyberthreat to US Infrastructure From Chinese State-Sponsored Actor

The United States, through the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), together with Microsoft and others, published a joint Cybersecurity Advisory (CSA) with intelligence information on the US-based operations of Volt Typhoon, a state-sponsored organized cybercriminal group based in China. The report outlines operations aimed at infiltrating and compromising critical infrastructure in a variety of areas across the continental United States. It also details how individuals associated with the group were able to operate in the continental United States without being detected by adopting living-off-the-land techniques (meaning isolated, self-sufficient cells) and hands-on-keyboard activity (operating entirely online).
Microsoft said with moderate confidence that the group’s campaign aims to pursue “development of capabilities that could disrupt critical communications infrastructure between the United States and the Asian region in the event of a future crisis.”
Volt Typhoon activity in the United States dates back to at least mid-2021 and targets multiple organizations across multiple sectors of the economy: communications, manufacturing, utilities, transportation, construction, maritime, government, information technology and education.
Digitization (the act of introducing digital capabilities into analog work) is a reality of our lives, and so is its rapid increase. Every year, new products come out with additional digital features. Because these features are usually worth the additional investment (due to cost savings, efficiency gains, utility, or other metrics the market wants), analog and disconnected tools are gradually phased out, relegated to oblivion or a niche. You’d be surprised how much your communications infrastructure already relies on digital systems.
Of course, the problem with digital systems is that they can be remotely hacked.
For a more concrete example, consider the case in which Microsoft helped remove Russian malware installed on Ukrainian tram infrastructure. The system was infected with wiper-type malware that could delete the entire system or delete important files it needs, which could, for example, leave the train control system inoperable. This happened before the war. The same rail system evacuated a large number of Ukrainian war refugees after the invasion.
The problem here is that digitization means more opportunities for remote access, which in turn increases the likelihood of an attack (for example, Russia would rather use a digital approach to disable a Ukrainian drone in flight than launch rockets at it, since that consumes fewer resources). Even as our lives become more efficient, technological and interconnected, more and more aspects of our lives become vulnerable to the lowest-cost and most efficient type of attack: the cyberattack.
In addition to the desire to increase military effectiveness in the event of a conflict with the United States, part of the reason for targeting US-Asian communications is Taiwan. There has been ample evidence of a tug-of-war between the United States and China over the technological treasure of Taiwan Semiconductor Manufacturing Company (TSMC). Sometimes the most desirable “object” in the room is simply not in the best location.