US government officials appear to have directly accused the Chinese government about its role in supporting cyberattacks against the former’s networks.
The discussions specifically concern the Volt Typhoon group, which is responsible for a number of critical recent cyberattacks against US infrastructure, and has managed to maintain persistent access to the sites it has attacked.
The group is understood to have links to China, but the Chinese government unsurprisingly says the allegations are false, as its has done with every other previous allegation.
Volt Typhoon infecting US infrastructure
The US government has previously warned that the Volt Typhoon group maintains persistent access to critical US energy, water, and other infrastructure and regularly launches probing attacks using living-off-the-land techniques.
US ambassador at large for cyberspace and digital policy, Nathaniel Fick, said (via Reuters), “We have had direct conversations with the Chinese about it. We raised it directly with the Chinese government at very senior levels, and made clear that this kind of behavior is dangerous, escalatory, and it’s not acceptable.”
Other groups have also been spotted lurking in networks relating to critical infrastructure, with Russian, Iranian and North Korean groups all testing the cyber resilience of oil and gas pipelines, and water facilities.
Brandon Wales, executive director of the US Cybersecurity and Infrastructure Security Agency (CISA) also commented on the attacks stating that, “Chinese targeting of our critical infrastructure is broad-based. It is against a broad swath of small and medium-sized companies that are potentially critical in individual supply chains, or just capable of causing societal panic in some place around the country.”