
Microsoft Catches China Spying on Critical Western Infrastructure

China denies the accusation and points to the US as an 'empire of hacking.'

By Matthew Humphries, Former Senior Editor


Microsoft discovered that a state-sponsored hacking group based in China has been carrying out malicious activity in order to spy on critical infrastructure organizations in the US.

The group, known as Volt Typhoon, has been active since mid-2021 and focused on "espionage and information gathering." The aim of the group is to gain access to critical systems and then maintain access for as long as possible without detection. The organizations targeted by Volt span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Microsoft admits detecting and mitigating Volt's infiltration of different systems "could be challenging" because the group uses a mix of living-off-the-land techniques (fileless malware) and valid accounts to steal information. Microsoft believes the aim of Volt's campaign is to develop capabilities that "could disrupt critical communications infrastructure between the United States and Asia region during future crises."

Microsoft's discovery of Volt's activity prompted the Cybersecurity and Infrastructure Security Agency (CISA) to issue a Cybersecurity Advisory. The finding has been backed up by Dell-owned cybersecurity company Secureworks, which confirmed it has responded to multiple Volt Typhoon hacks. Secureworks points out that the hacking group is also known by the name Bronze Silhouette.

As Reuters reports, this is thought to be one of the largest known Chinese cyber-espionage campaigns targeted at the US, but it could extend beyond America. The National Security Agency (NSA) and Federal Bureau of Investigation (FBI) are working with the Five Eyes intelligence alliance, which consists of the US, Australia, Canada, New Zealand, and the UK, to see if any Volt Typhoon breaches have already occurred in those other countries.

China has responded by not only rejecting the claims, but also stating that this is simply a "collective disinformation campaign" by the US and its allies. Chinese foreign ministry spokesperson Mao Ning responded by saying it's Washington that's guilty of hacking and, "The United States is the empire of hacking."
