China has refuted allegations made by the US government and Microsoft regarding a state-sponsored hacking group known as the Volt Typhoon infiltrating US critical infrastructure, as reported by Bloomberg. The National Computer Virus Emergency Response Center of China dismissed the claims as a “political farce” orchestrated by US officials, supported by over 50 cybersecurity experts who found insufficient evidence linking Volt Typhoon to the Chinese government. The Chinese agency countered by accusing the US of using “cyber warfare forces” for intelligence gathering and utilizing tools like “Marble” to frame China and Russia for cyber activities. Microsoft and the NSA initially reported about Volt Typhoon in May 2023, stating that the group had installed surveillance malware in crucial systems on Guam and other parts of the US for at least five years. The US agencies alerted critical infrastructure organizations earlier this year of the potential cyber threat posed by state-sponsored Chinese actors seeking to disrupt or destroy IT networks. Volt Typhoon, while not actively attacking its targets, has been pre-positioning itself in various government agencies in multiple countries, including the US, Australia, UK, Canada, and New Zealand. The group’s strategy indicates a plan to disrupt critical infrastructure functions in times of geopolitical tensions or military conflicts with the US, as believed by the US government.
