Welcome to this week’s installment of The Intelligence Brief… yesterday, U.S. intelligence officials and industry leaders issued a warning about a new state-sponsored Chinese hacking threat. In our analysis, we’ll be looking at 1) Volt Typhoon and what intelligence officials know about it so far, 2) what the hacking effort is aiming to do and what areas of U.S. industry and government may have been affected, and 3) how this and other developments in recent days relate to lingering concerns over China’s ambitions regarding Taiwan.
Quote of the Week
“No technology that’s connected to the Internet is unhackable.”
Podcasts: This week in podcasts from The Debrief, MJ Banias and Stephanie Gerk discuss robots, human aging, and directed energy weapons in the latest installment of The Debrief Weekly Report. Meanwhile, this week on The Micah Hanks Program, I caught up with Dr. Colm Kelleher, the former deputy administrator of Bigelow Aerospace Advanced Space Studies (BAASS) and a key figure in the DIA’s controversial Advanced Aerospace Weapons Systems Application Program (AAWSAP). You can subscribe to all of The Debrief’s podcasts, including audio editions of Rebelliously Curious, by heading over to our Podcasts Page.
Video News: Recently on Rebelliously Curious, Chrissy Newton talked with Daniel Sheehan, a lawyer specializing in constitutional and public interest matters who discusses the activities of alleged UAP whistleblowers and shares his insights on Sean Kirkpatrick’s recent hearing and involvement within AARO. Also, if you missed the first installment of our all-new series “Ask Dr. Chance,” be sure to check out the first episode, with episode two airing in the weeks ahead. You can also watch past episodes and other great content from The Debrief on our official YouTube Channel.
With all that out of the way, it’s time to examine what we’ve learned this week about the latest hacking efforts by China against U.S. industries and government agencies and what it all could mean regarding the building tensions between Washington and Beijing.
Volt Typhoon Makes Landfall
This week, it was learned that Chinese state-sponsored hackers were involved in a widespread hacking effort that targeted several U.S. industries, an apparent intelligence-gathering operation that resulted in significant compromises.
In a warning issued on Wednesday, Microsoft attributed the effort to a Chinese hacking group dubbed “Volt Typhoon” and said it had partly aimed to impact “critical communications infrastructure between the United States and Asia,” in addition to collecting intelligence about U.S. assets.
In an advisory issued by the company, Microsoft indicated that the attack appears to be ongoing. U.S. intelligence agencies provided additional information on the hacking effort, along with guidance for cybersecurity experts on mitigating the impact of the attack.
“The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI),” and several security agencies from other nations published a Joint Cybersecurity Advisory on Wednesday, which shared “technical details regarding malicious activity by a People’s Republic of China (PRC) state-sponsored cyber actor.”
According to the CISA statement, “new insights into the specific tactics, techniques, and procedures used by PRC cyber actors to gain and maintain persistent access into critical infrastructure networks” were made available in the advisory.
Meanwhile, as news of the hacking effort has become widespread, we are beginning to learn the full scope of the operation, how long it has been underway, and how it relates to concerns over the looming potential of an eventual invasion of Taiwan.
Timeline and Scope
According to data released this week, the U.S. intelligence community learned of the attack as early as February, amidst the overflight of a Chinese surveillance balloon that transited the United States before being shot down off the South Carolina coast.
Volt Typhoon reportedly exploits vulnerabilities in a cybersecurity suite known as FortiGuard; once inside a corporate network, the hackers use stolen user credentials to attempt to gain access to other systems.
NSA Cybersecurity Director Rob Joyce said in a statement that hackers like those involved with the Volt Typhoon effort “find it easier and more effective to use capabilities already built into critical infrastructure environments.”
“A PRC state-sponsored actor is living off the land, using built-in network tools to evade our defenses and leaving no trace behind,” Joyce added. “That makes it imperative for us to work together to find and remove the actor from our critical networks.”
According to Microsoft’s statement this week, China’s hacking effort currently “intends to perform espionage and maintain access without being detected for as long as possible,” slowly collecting information rather than engaging in an overt attack. However, critical infrastructure across a range of sectors, from transport and communications to government organizations, is believed to have been targeted.
Targets of Strategic Significance
Primarily targeting communications infrastructure, the hack initially focused on Guam, a critical strategic location for the U.S. military in relation to China, given that it hosts the American military units that would respond in the event of an invasion of Taiwan.
It was also learned this week that a report published online by the Chinese government conveyed the country’s belief that the Navy’s newest aircraft carrier, the USS Gerald R. Ford, could be destroyed by China’s hypersonic weapons arsenal, based on wargame simulations conducted by Chinese military planners.
This isn’t the first time a hack of this kind has taken place. In 2020, a cybersecurity breach believed to have involved China targeted the law firm Covington & Burling in a similar suspected government-backed hacking effort.
Bryan Vorndran, Cyber Division Assistant Director with the Federal Bureau of Investigation (FBI), said his agency and its federal and international partners “will not allow the PRC to continue to use these unacceptable tactics.”
“CISA, NSA, FBI and international partners urge U.S. and allied governments, critical infrastructure, and private sector organizations to apply the recommended mitigations to strengthen their defenses and reduce threat of compromise from PRC state-sponsored malicious cyber actors,” read a statement issued by CISA this week.
Those looking for additional information on potential hacking efforts that may include the current PRC cyber threat are advised to review the China Cyber Threat Overview and Advisories made available online by CISA and to report any suspected anomalous activity to the FBI or its international law enforcement partners.