Chinese malware hits systems in Guam. Is Taiwan the real target?
At a news conference in Hiroshima, Japan, on Sunday, President Biden mentioned how the balloon incident had paralyzed already lukewarm exchanges between Washington and Beijing.
“Then this stupid balloon with the equivalent of two truckloads of spy equipment was flying over America,” he told reporters, “and it got shot down, and everything changed in terms of talking to each other.”
He predicted that relations between the two countries would “begin to thaw very soon”.
China has never acknowledged hacking into U.S. networks, even in the largest instance: During the Obama administration, it stole the security clearance documents of some 22 million Americans — including 6 million sets of fingerprints — from the Office of Personnel Management. The data breach took the better part of a year and led to a deal between Presidents Barack Obama and Xi Jinping that led to a brief drop in malicious cyber activity in China.
On Wednesday, China issued a warning to its companies to be vigilant against U.S. hacking. And there’s plenty of it: In documents released by former NSA contractor Edward Snowden, there’s evidence the U.S. tried to hack into the systems of Chinese telecommunications giant Huawei, as well as military and leadership targets.
Telecommunications networks are a prime target for hackers, and Guam’s systems are particularly important to China because military communications often rely on commercial networks.
Tom Burt, the executive who oversees Microsoft’s threat intelligence unit, said in an interview that the company’s analysts — many of whom are veterans of the NSA and other intelligence agencies — “are looking at intrusions affecting U.S. ports. ” found the code. When they traced back the intrusion, they found that other networks were also compromised, “including some networks of the Guam Department of Telecommunications.”
Anne Neuberger, deputy national security adviser for cyber and emerging technologies, said, “Coverish operations like the ones revealed today are part of a push to focus our attention on telecommunications cybersecurity and the urgent need to use trusted vendors “, and equipment from these vendors already meets established cybersecurity standards.