Wednesday, May 24, 2023

CHINESE HACKERS AFTER MILITARY SYSTEMS

 

FROM THE NEW YORK TIMES, COPYRIGHT 2023

Chinese Malware Hits Systems on Guam. Is Taiwan the Real Target?

The code, which Microsoft said was installed by a Chinese government hacking group, set off alarms because Guam would be a centerpiece of any U.S. military response to a move against Taiwan.

Members of the Chinese honor guard at the Great Hall of the People.
The Great Hall of the People in Beijing. Telecommunications networks are key targets for hackers, and the system in Guam is particularly important to China. Credit: Thibault Camus/Associated Press

Reporting from Washington

Around the time that the Federal Bureau of Investigation was examining the equipment recovered from the wreckage of the Chinese spy balloon shot down off the South Carolina coast in February, American intelligence agencies and Microsoft detected what they feared was a more worrisome intruder: mysterious computer code that has been popping up in telecommunications systems in Guam and elsewhere in the United States.

The code, which Microsoft said was installed by a Chinese government hacking group, raised alarms because Guam, with its Pacific ports and vast American air base, would be a centerpiece of any American military response to an invasion or blockade of Taiwan. It was installed with great stealth, sometimes flowing through routers and other common internet-connected consumer devices, to make the intrusion harder to track.

But unlike the balloon that fascinated Americans as it performed pirouettes over sensitive nuclear sites, the computer code could not be shot down on live television. So instead, Microsoft and the National Security Agency were set on Wednesday to publish details of the code that would make it possible for corporate users, manufacturers and others to detect and remove it.

The code is called a “web shell,” in this case a malicious script that enables remote access to a server. Home routers are particularly vulnerable, especially older models that have not had updated software and protections.

 

