"This week the Five Eyes alliance – an intelligence alliance between Australia,
the United Kingdom, Canada, New Zealand and the United States – announced its
investigation into a China-backed threat targeting US infrastructure.
Using stealth techniques, the attacker – referred to as “Volt Typhoon” –
exploited existing resources in compromised networks in a technique called
“living off the land”.
Microsoft made a concurrent announcement, stating the attackers’ targeting of
Guam was telling of China’s plans to potentially disrupt critical
communications infrastructure between the US and Asia region in the future.
This comes hot on the heels of news in April of a North Korean supply chain
attack on Asia-Pacific telecommunications provider 3CX. In this case, hackers
gained access to an employee’s computer using a compromised desktop app for
Windows and a compromised signed software installation package.
The Volt Typhoon announcement has led to a rare admission by the US National
Security Agency that Australia and other Five Eyes partners are engaged in a
targeted search and detection scheme to uncover China’s clandestine cyber
Such public admissions from the Five Eyes alliance are few and far between.
Behind the curtain, however, this network is persistently engaged in trying to
take down foreign adversaries. And it’s no easy feat.
Let’s take a look at the events leading up to Volt Typhoon – and more broadly
at how this secretive transnational alliance operates."
*** Xanni ***
Chief Scientist, Xanadu
Partner, Glass Wings
Manager, Serious Cybernetics