By Mar-Vic Cagurangan
A malicious computer code installed by state-sponsored Chinese hackers is “a ticking time bomb” that could disrupt U.S. defense operations on military bases around the world including Guam, according to a New York Times report.
Citing an unnamed congressional official, the New York Times reported that the malware is believed to be concealed “deep inside” the networks that control power grids, water supply and communications systems on military bases.
The report said U.S. authorities are investigating the malware, which first surfaced on May 24 when Microsoft reported the detection of a mysterious computer code in telecommunications on Guam and other U.S. infrastructure.
U.S. military bases on Guam are on the frontline of homeland defense in the event of a potential attack from China, which is posturing to invade Taiwan.
ADVERTISEMENT
In a report released on the day Typhoon Mawar hit Guam, Microsoft said it has uncovered “stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States."
“The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering,” Microsoft said.
The report said Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States.
It remained unclear if Volt Typhoon was involved in the cyberattacks on Guam Memorial Hospital and Docomo Pacific, which caused an internet outage in March.
In a June 15 op-ed piece published by The Hill, cyber experts said the Guam hack should serve as a cybersecurity wakeup call.
“The Guam event is not an isolated threat,” wrote Peter Altabef, CEO of Unisys Global Technology Solutions, and Reece Kurtenbach, president of Daktronics, which designs, manufactures, sells, and services video displays.
“U.S. critical infrastructure systems’ vulnerability reflects a sobering reality: The vast majority of the nation’s infrastructure systems are privately owned and operated,” they said.
They warned that disruption of any of those systems would threaten national security, economic stability and public health. “Yet, they remain at risk as geopolitical threats rise,” the authors said.
On July 18, more than 100 cyber stakeholders gathered on Guam for a cyber conference hosted by the Guam National Guard.
“This event was a great opportunity to demonstrate the effectiveness and strength of a whole of government approach, to train and fight together in terms of bringing increased cyber security capacity to Guam,” said Geoffrey Pease, integrated cyber planner with U.S. Indo-Pacific Command.
“Cyber is something that is here, and we all need to come together. We have to be aware there’s a threat that’s out there, and we have to be prepared to deal with that threat,” Pease said.
Subscribe to
our digital
monthly edition