Get all your news in one place.
100’s of premium titles.
One app.
Start reading
ABC News
ABC News
National
Toby Mann and wires

China hits back over Five Eyes blame for US infrastructure cyber attack

China responds to accusations it is behind recent cyberattacks in the US by calling the NSA the "world's largest hacking organisation". (Reuters: Edgar Su)

China has hit back after Australia and other Five Eyes cyber agencies blamed it for recent cyber attacks targeting "critical infrastructure" in the United States.

"Obviously, this is a collective disinformation campaign by the United States to mobilise the Five Eyes countries for geopolitical purposes," China's foreign ministry spokesperson Mao Ning said.

She was responding to a joint Cybersecurity Advisory issued by US, Australian, New Zealand and United Kingdom intelligence agencies after detecting a "cluster of activity of interest" linked to China's state-sponsored hacking group Volt Typhoon.

The attacks, the Five Eyes advisory said, targeted "critical infrastructure" in the US.

"It is a report that has  … a serious lack of evidence and is extremely unprofessional," Ms Mao said.

"As we all know, the Five Eyes is the world's largest intelligence organisation and the NSA is the world's largest hacker organisation, and it is ironic that they have joined forces to issue disinformation reports."

Volt Typhoon used a "living off the land" attack, which exploits legitimate tools within a system, rather than malware.

Using that technique hackers were able to evade detection by "blending in with normal Windows system and network activities".

Microsoft said Volt Typhoon's activity had used compromised credentials to access critical infrastructure organisations, and that the group's typical aim was espionage and information gathering.

"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the company said.

Ms Mao said the "involvement of certain companies in this shows that the US is expanding new channels for spreading disinformation".

"But no matter how the tactics change, it does not change the fact that the US is the empire of hacking," she said.

Last September, China accused the NSA of being behind a cyber attack on China's Northwestern Polytechnic University.

"The US side should immediately give an account of the cyber attack instead of spreading false information to divert attention," Ms Mao said.

Security analysts expect Chinese hackers could target US military networks and other critical infrastructure if China invades Taiwan.

The NSA and other Western cyber agencies urged companies that operate critical infrastructure to identify malicious activity using the technical guidance they issued.

"It is vital that operators of critical national infrastructure take action to prevent attackers hiding on their systems," Paul Chichester, director at the UK's National Cyber Security Centre said in a joint statement with the NSA.

Microsoft said the Chinese hacking group has been active since at least 2021 and has targeted several industries including communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education.

ABC/Reuters

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.