© Reuters. FILE PHOTO: A computer symbol appears on a screen above the Chinese flag in this pictogram on July 12, 2017. Photograph: Thomas White/Reuters
Written by James Pearson and Raphael Sater
LONDON (Reuters) – A group of Chinese hackers recently launched a multi-state alert is carrying out a campaign of cyberespionage against military and government targets in the United States, researchers said on Thursday.
The Chinese government has rejected assertions that its spies are hunting Western targets, describing the joint warning issued by the United States and its allies as a “mass disinformation campaign”.
The group — dubbed Microsoft’s (Nasdaq: Volt Typhoon) — has been the subject of an alert issued by the cybersecurity and intelligence agencies of the United States, Britain and their close allies.
Chinese cyber spies are seen to “primarily target organizations in the US in the defense and government (fields), primarily for espionage purposes,” according to researcher Mark Bernard, whose organization — Secureworks — has dealt with several Vault Typhoon-related hacks.
The analysis by Secureworks — an arm of Dell Technologies (NYSE: ) — adds context to the warning Microsoft issued on Wednesday.
The warning stated that the Volt Typhoon was developing capabilities that “could disrupt critical communications infrastructure between the United States and the Asian region during future crises” — a reference to escalating tensions between China and the United States over Taiwan and other issues.
Microsoft said the group targeted critical infrastructure organizations in the US Pacific territory of Guam.
The reference to potential subversive activity drew widespread attention. fortinet (NASDAQ:) , whose FortiGuard devices Microsoft said was abused by a Volt Typhoon for breaking into its targets, saw its shares tumble more than 2%.
Bernard said SecureWorks had seen no evidence of destructive activity by the Volt Typhoon, but that in general its hackers were focused on stealing information that would “shed light on US military activities.”
He declined to name the “handful” of victims Secureworks helped deal with Volt Typhoon.
Chinese Foreign Ministry spokesman Mao Ning told reporters that the alerts issued by the US, Britain, Canada, Australia and New Zealand were intended to promote their intelligence alliance, known as the Five Eyes – and that Washington was responsible for the hacking. .
Mao said, “The United States is a hacking empire.”
