Who Are The Chinese Hacker Groups, and What Are They Doing?
by Justin Erickson
Report Details Chinese “Typhoon” Hacking Groups’ Cyber Warfare Preparations
A new report highlights the activities of Chinese state-sponsored “Typhoon” hacking groups allegedly involved in cyber warfare preparations. According to cybersecurity researchers, these groups have been targeting critical infrastructure and government systems worldwide, focusing on reconnaissance and significant disruptions. These groups are reportedly refining tools to compromise water, energy, and transportation providers, as well as telecommunications – raising concerns over their ability to disrupt essential services during geopolitical conflicts. Of these groups are Volt Typhoon, Flax Typhoon, Salt Typhoon, and Silk Typhoon.
Third-Party references:
Click the link below to learn more details. (Opens in a new tab/window.)
US Treasury Hack Linked to Chinese State-Sponsored Group “Silk Typhoon“
The recent cyberattack on the U.S. Treasury Department has been attributed to “Silk Typhoon,” a Chinese state-sponsored hacking group. Security researchers linked the group to the breach after identifying that they specifically targeted the OFAC (U.S. Office of Foreign Assets Control) and were likely trying to collect information on what Chinese individuals and organizations the U.S. would think about sanctioning. Silk Typhoon exploited vulnerabilities in a third-party platform to bypass detection and gain unauthorized access. The attack underscores growing concerns over state-sponsored cyber threats aimed at undermining national security.
Third-Party references:
US Sanctions Chinese Firm and Hacker for Treasury and Critical Infrastructure Breaches
The U.S. Department of the Treasury has imposed sanctions on a Chinese cybersecurity firm and an individual hacker linked to breaches of U.S. Treasury systems and critical infrastructure. The sanctioned firm, Sichuan Juxinhe Network Technology, is accused of facilitating cyberattacks on multiple major U.S. telecommunication and internet service provider companies, while the individual – Yin Kecheng – associated with MSS (People’s Republic of China Ministry of State Security), is accused in hacking campaigns targeting government and private sector entities. The sanctions freeze any U.S.-based assets and prohibit transactions with the designated parties, aiming to disrupt their operations. Treasury officials emphasized that these actions highlight the U.S. commitment to protection; holding malicious cyber actors accountable for their actions.