Volt Typhoon III report exposes US cyber forces operations

2024-10-14 15:06:33

Hackers from United States cyber forces and intelligence agencies disguise themselves like "chameleons" in cyberspace by posing as other countries to conduct global cyberattacks and espionage operations, while also pouring dirty water on non-US allies like China, an investigative report published on Oct. 10 said.

 

According to the report Volt Typhoon III: A Cyber Espionage and Disinformation Campaign conducted by US Government Agencies, evidence has shown that "Volt Typhoon", which US politicians, intelligence communities and companies claimed to be a China-sponsored hacking organization, had launched a series of operations targeting networks across critical US infrastructure sectors, as just one of many operations initiated by the US intelligence agency.

 

The report was jointly published by the National Computer Virus Emergency Response Center and the National Engineering Laboratory for Computer Virus Prevention Technology.

 

Also, according to the top-secret files of the National Security Agency, the US has for long been taking advantage of its well-developed information and communication technology industry to construct internet infrastructures to control the "Choke Points" of the internet.

 

There are at least seven access sites for tapping with coverage over all submarine optical cables spanning from the Atlantic to the Pacific. All these access sites are operated by NSA, the Federal Bureau of Investigation and the National Cyber Security Centre from the United Kingdom. Each information packet intercepted through the access sites are thoroughly inspected indiscriminately, the report said.

 

Furthermore, the NSA will directly use the "supply chain" attack method, which capitalizes on the advantages of the advanced US information and communication technology industry and products, against a variety of high-valued targets of other countries that have high levels of protection and are challenging to penetrate in cyberspace.

 

With the cooperation of large internet enterprises or equipment suppliers in the US, NSA is able to intercept the US-made network products purchased by its targets. The products will then be unpacked and implanted with backdoor malware before repackaging and shipping to the various targets.

 

The method is usually used in attack operations against other countries' telecom and network operators. When NSA gets control of the target telecom network operator's system, they will be able to monitor the target's cellphone communication content. In the attack against the Northwestern Polytechnical University, the relevant internet service provider located in China was compromised by NSA with the "supply chain" attack method. As a result, the telephone calls and internet activities of the victims were tracked by NSA in real time.

 

NSA used the term "pre-position" when introducing the method in top secret documents, which specifically refers to the implant "backdoor" in IT products used by the targets, which is activated through NSA's subsequent operations. Ironically, the term "pre-position" was also used by US government agencies to describe the tactics used by so-called "Volt Typhoon" groups which carried out cyberattacks on critical US infrastructure in places like Guam. The question surrounding "pre-position" in critical infrastructure worldwide is quite clear.

 

Previously on April 15 and July 8, the two institutions published two investigative reports on "Volt Typhoon", which launched a series of operations affecting networks across critical US infrastructure sectors.

 

The reports stated that analysis by Chinese technical teams showed that many of the IP addresses used by "Volt Typhoon" to launch the attacks were previously used by a ransomware group named "Dark Power", which had no country and sectoral connection. And the US government agencies orchestrated and hyped up the "Volt Typhoon" cyberthreat narrative to secure additional funding from the US Congress and to bolster the cyber-infiltration capabilities of US intelligence agencies.

 

The allegation originated from a joint advisory by the cybersecurity authorities of the US and its "Five Eyes" allies — the United Kingdom, Australia, Canada and New Zealand. With the advisory issued based on information released by US tech company Microsoft, which has failed to provide a detailed analytical process for source tracing of the cyberattacks from "Volt Typhoon".

 

(Source: CHINA DAILY)

中国新闻

ON AIR

NEXT
12
8
China News
Music Matters

ON AIR

NEXT
8,9,10
1,2,3,4,5
Music Matters
Music Matters

ON AIR

NEXT
14,15
8
Music Matters
Music Matters

ON AIR

NEXT
3,4,5
8
Music Matters
岁月留声

ON AIR

NEXT
13
0,6
Music Memories

ON AIR

NEXT
8,9,10
9
Classical Sunday

ON AIR

NEXT
8,9,10
10
Classical Saturday
慢速英语+美文阅读

ON AIR

NEXT
6
8
Special English & More to Read

ON AIR

NEXT
20,21
8
The Groove Sessions
圆桌议事

ON AIR

NEXT
13
1,2,3,4,5
Round Table China
岛屿不寂寞

ON AIR

NEXT
23
8
Music Be There for U
南海旅行家

ON AIR

NEXT
16
8
Getaway on Sea
南海旅行家

ON AIR

NEXT
0
8
Getaway on Sea
轻阅读

ON AIR

NEXT
22
8
Reading
轻阅读

ON AIR

NEXT
11
8
Reading
平常记录

ON AIR

NEXT
19
7
Voice Documentary
平常记录

ON AIR

NEXT
2
7
Voice Documentary
听见

ON AIR

NEXT
19
9
Hear
听见

ON AIR

NEXT
2
9
Hear
南海圆桌派

ON AIR

NEXT
18
8
Daily Show of the South China Sea
行走自贸港

ON AIR

NEXT
17
8
A Tour to Free Trade Port
行走自贸港

ON AIR

NEXT
7
8
A Tour to Free Trade Port
南海圆桌派

ON AIR

NEXT
1
8
Daily Show of the South China Sea
早安南海
00:00:00
 / 
00:00:00