Wednesday, 31 May 2023


Factbox-What is Volt Typhoon, the alleged China-backed hacking group? By Reuters

Factbox-What is Volt Typhoon, the alleged China-backed hacking group?

© Reuters. FILE PHOTO: Computer code is seen on a screen above a Chinese flag in this July 12, 2017 illustration photo. REUTERS/Thomas White/Illustration

By Raphael Satter and James Pearson

(Reuters) – Its name is redolent of an exotic electrical storm. But is the freshly christened hacking group “Volt Typhoon” an imminent danger to American infrastructure, or just a new crop of digital spies playing an old game?

Here is what is known about the group and its potential threat:


Nearly every country in the world uses hackers to gather intelligence. Major powers like the United States and Russia have large stables of such groups – many of which have been given colourful nicknames by cybersecurity experts, like “Equation Group” or “Fancy Bear.”

Where experts worry is when such groups turn their attention from intelligence gathering to digital sabotage. So when Microsoft Corp (NASDAQ:) said in a blog post on Wednesday that Volt Typhoon was “pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” it immediately brought to mind escalating tensions between China and the United States over Taiwan. Any conflict between those two countries would almost certainly involve cyberattacks across the Pacific.


Does this mean a group of destructive hackers is preparing to sabotage U.S. infrastructure in the event of a conflict over Taiwan?

Microsoft qualified its assessment as “moderate confidence,” intelligence jargon that typically means a theory is plausible and credibly sourced but has yet to be fully corroborated. Different researchers have identified various aspects of the group. Not everyone has seen evidence of sabotage preparation.

Volt Typhoon so far appears to be focused on stealing information from “organisations that hold data that relates to the military or government in the United States,” said Marc Burnard of Secureworks – an arm of Dell Technologies (NYSE:). Although Burnard said Volt Typhoon – which Secureworks calls “Bronze Silhouette” – may well be positioning itself for disruption, he said what he had seen of the hackers suggested it was being used “primarily for espionage purposes.”


U.S. tech firm Cisco Systems Inc (NASDAQ:) said it has seen disturbing evidence that Volt Typhoon was readying itself for something dangerous.

Like Microsoft and Secureworks, Cisco’s experts refused to say…

Click Here to Read the Full Original Article at All News…