Although Chinese spies have long been active online against the United States and its allies, Volt Typhoon has raised particular concerns because of its focus on critical infrastructure, including communications links that tie the United States to the Pacific, analysts say.
The group’s focus on stealthiness is also drawing attention.
Cybersecurity company Secureworks, which said it has responded to at least three Volt Typhoon hacks, described the group as working consistently to cover its tracks.
The company also backed Western assessments of the group’s origins, saying that the hacker group, which it nicknamed “Bronze Silhouette”, likely operates on behalf of Beijing.
Secureworks – an arm of Dell Technologies’ – said that Chinese spies were upping their game in response to “likely increased pressure from (Chinese) leadership to avoid public scrutiny of its cyberespionage activity”.
It was not immediately clear how many organisations were affected by the espionage, but the US National Security Agency (NSA) said it was working with partners including Canada, New Zealand, Australia and the UK, as well as the US Federal Bureau of Investigation to identify breaches.