A group of Chinese hackers targeting critical U.S. infrastructure has been active for five years, U.S. and allied intelligence agencies said in a joint statement Wednesday.
The U.S. National Security Agency, U.S. cyber surveillance agency CISA, the FBI, and the Transportation Security Administration have reported that a group known as Bolt Typhoon has attacked networks of airlines, railroads, public transportation, highways, maritime, pipelines, and water and wastewater organizations. It was announced that they were secretly infiltrating. .
Although no organizations were named, the statement said U.S. intelligence officials observed that the hackers “maintained access and a foothold in some of the victims’ IT environments for at least five years.” He said that
The statement, co-signed by cybersecurity agencies in the UK, Australia, Canada and New Zealand, is the latest in a series of warnings from US officials regarding Bolt Typhoon. Bolt Typhoon is more sabotage than espionage.
The widespread nature of the hack prompted a series of meetings between the White House and the private technology industry, including several telecom companies and cloud commuting companies, during which the U.S. government requested help tracking the activity. .
Ahead of the statement, Eric Goldstein, a senior CISA official, referred to the People’s Republic of China, saying, “We are extremely concerned about malicious cyber activity by Chinese state-backed actors, which the industry has dubbed Bolt Typhoon.” told Reuters. “Most of the victims we identify have no legitimate espionage value.”
