(NewsReady.com) – China has been known to use hackers to cause disruptions in other countries or steal critical data. The US government recently disrupted one of Beijing’s plots. Now, the Department of Justice has labeled China a threat.
On January 31, the Department of Justice issued a press release stating it used a court order to stop a Chinese operation. Hackers linked to the Chinese government had disrupted hundreds of routers in Americans’ homes and offices. The press release explained that the hacker group was known as “Volt Typhoon.”
The hackers allegedly used private SOHO routers infected with “KV Botnet” malware to conceal the fact that the attack originated in China. The hackers were reportedly targeting “critical infrastructure organizations in the United States and elsewhere.”
According to the DOJ, the majority of the routers used in the attacks were NetGear or Cisco brands. They were vulnerable because they were old and had reached ”end of life” status. In other words, their manufacturers didn’t support them through their software updates and security patches when issues arose.
The DOJ took the case to court, received an order allowing federal law enforcement officials to delete the KV Botnet malware for the routers, and took steps to block communications with the other devices being used by the hackers to control the technology.
FBI Director Christopher Wray stated that the Chinese hackers who are attacking infrastructure are positioning themselves to “cause real-world harm to American” communities and citizens. He went on to say the hacker group has enabled the Chinese government to target the US’ “communications, energy, transportation, and water sectors.”
The government warned that the mitigation steps it took were not permanent. If the owners of the infected routers restart them again, the mitigation steps will not follow, and they could be vulnerable to infection by the malware again. The FBI will send out a notice to all of the owners of the compromised routers.
Copyright 2024, NewsReady.com
