China ‘prepping the battlefield’ after Microsoft warns of cyber attacks on US infrastructure: Expert
Microsoft reportedly uncovers suspicious cyber activity from Chinese state-sponsored actor
One day after American tech giant Microsoft sounded the alarm on a potential Chinese cyber "attack," one policy expert has signaled this could mean the U.S. adversary is preparing for conflict.
"As much as we're looking for talks and thaws and guardrails, their offensive strategy of exploiting capabilities, in the meantime, [is] prepping the battlefield," Atlas Organization founder Jonathan D.T. Ward said on "Mornings with Maria" Thursday. "That should tell us everything."
Microsoft said in a Wednesday post that the company has "uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States."
"The attack is carried out by Volt Typhoon," Microsoft said. Volt Typhoon is reportedly a Chinese state-sponsored actor that focuses on "espionage and information gathering."
CHINA EXPERT WARNS U.S. DEFENSE INACTION WILL HAVE A ‘CATASTROPHIC OUTCOME’
Ward applauded Microsoft for promptly alerting the public about the threat and indicated the group likely targeted "a very wide swath of critical infrastructure."
"These Chinese hackers have gone after communications, manufacturing, utilities, transportation, construction, maritime government, information technology and education sectors," the policy expert listed. "So that’s really the entire spectrum."
China’s attempts to probe infrastructure and digital information says "quite a bit" about the tense situation between the People’s Republic of China (PRC) and the U.S., Ward expanded.
"To see the scale of this in terms of the different sectors, I think is an important revelation," the expert noted. "And it's great to see Microsoft openly doing this, keeping in mind that they have major [research and development] centers in China… and China has always known and always conceptualized that they have American companies as one of our critical weaknesses."
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) and international cybersecurity authorities issued a joint Cybersecurity Advisory (CSA) warning the agencies believe Volt Typhoon, which they noted is associated with the People's Republic of China, "could apply the same techniques" against infrastructure networks across the U.S. and "other sectors worldwide."
Additionally, they recommended organizations take steps to tighten up their cybersecurity in light of the threat, such as hardening domain controllers, monitoring event logs, limiting port proxy usage, investigating any unusual IP addresses and reviewing firewall configurations.
Ward further cautioned that China’s main objective remains to restructure the global economy with the PRC in the center.
"Their companies are starting to really excel sector by sector. We now have more Chinese companies on the Fortune Global 500 than U.S. companies," the Atlas Organization founder said, "and that's the game we need to play."
GET FOX BUSINESS ON THE GO BY CLICKING HERE
Reuters reported on Thursday that Chinese foreign ministry spokesperson Mao Ning called the hacking allegations a "collective disinformation campaign," claiming it was launched by the U.S. via Microsoft for geopolitical reasons.
"But no matter what varied methods are used," Ning said in a Beijing press briefing, "none of this can change the fact that the United States is the empire of hacking."
FOX Business’ Adam Sabes and Breck Dumas contributed to this report.