Reuters reports U.S. has disabled Chinese hacking group Volt Typhoon that targeted U.S. infrastructure

Reuters is reporting that the U.S. has successfully remotely disabled the core of the Chinese hacking campaign against U.S. infrastructure. According to the article, which cites two Western security officials and one person familiar with the matter, the campaign has compromised thousands of internet-connected devices. Here is the article: https://www.reuters.com/world/us/us-disabled-chinese-hacking-network-targeting-critical-infrastructure-sources-2024-01-29/

The compromised Chinese hacking group is called Volt Typhoon, which has attacked critical infrastructure in the U.S., including naval ports and utilities.

Microsoft has tracked the activities of Volt Typhoon and recently wrote the following:

“Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States. In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible. Microsoft is choosing to highlight this Volt Typhoon activity at this time because of our significant concern around the potential for further impact to our customers. Although our visibility into these threats has given us the ability to deploy detections to our customers, the lack of visibility into other parts of the actor’s activity compelled us to drive broader community awareness and further investigations and protections across the security ecosystem.”

Here is Microsoft’s full analysis: https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/

Jeffrey Newman Esq. and members of his firm represent whistleblowers under the False Claims Act and the SEC, CFTC and FINCEN whistleblower programs. Persons providing original information to these agencies through counsel may receive rewards totaling up to 30 percent of a successful recovery made by the SEC, CFTC or FINCEN, and the names and identification of the whistleblowers are kept confidential. His firm also represents whistleblowers in healthcare fraud cases relating to Medicare or Medicaid. Attorney Newman can be reached at Jeff@Jeffnewmanlaw.com or at 617-823-3217.