top of page

US Navy victim of Chinese state-sponsored hackers, secretary says

By Chris Pandolfo

May 27, 2023

Gordon Chang: ‘China is making fast preparations for war and the Pentagon has decided not to notice’

Gatestone Institute senior fellow Gordon Chang unpacks various actions from the Chinese which threaten U.S. national security on ‘Mornings with Maria.’

The U.S. Navy was a victim of the Chinese state-sponsored hack revealed by Microsoft on Wednesday, Secretary of the Navy Carlos Del Toro said on CNBC.

In an interview with host Morgan Brennan on Thursday, Del Toro revealed the Navy "has been impacted" by the cyberattacks and said it was "no surprise that China has been behaving in this manner, not just for the last couple years, but for decades."

He did not provide further information on the extent of the incursion. Fox Business has contacted the Department of Defense for comment but did not hear back before publication.

Microsoft said in a Wednesday post that the company had "uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States."

In this photo provided by U.S. Navy, the Los Angeles-class fast attack submarine USS Oklahoma City (SSN 723) returns to U.S. Naval Base in Guam, Aug. 19, 2021. (Mass Communication Specialist 3rd Class Naomi Johnson/U.S. Navy via AP, File / Getty Images)

"The attack is carried out by Volt Typhoon," Microsoft said. Volt Typhoon is a Chinese state-sponsored actor that focuses on "espionage and information gathering."

The targets include sites in Guam, where the U.S. has a major military presence, the company said.

Microsoft determined with "moderate confidence" that the Volt Typhoon hacking campaign is "pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises."

U.S. and international cybersecurity authorities confirmed the attack in a joint Cybersecurity Advisory (CSA) warning. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) said Volt Typhoon, which is linked to the People's Republic of China, "could apply the same techniques" against infrastructure networks across the U.S. and "other sectors worldwide."

US Navy Secretary Carlos Del Toro speaks during the United States Naval Academy 2022 Graduation Ceremony at the Navy-Marine Corps Memorial Stadium in Annapolis, Maryland on May 27, 2022. (MANDEL NGAN/AFP via Getty Images)

The agency recommended organizations take steps to tighten up their cybersecurity in light of the threat, such as hardening domain controllers, monitoring event logs, limiting port proxy usage, investigating any unusual IP addresses and reviewing firewall configurations.

Microsoft said the intrusion campaign placed a "strong emphasis on stealth" and sought to blend into normal network activity by hacking small-office network equipment, including routers. It said the intruders gained initial access through internet-facing Fortiguard devices, which are engineered to use machine learning to detect malware.

In this photo illustration the American multinational technology company, Microsoft logo is seen on an Android mobile device with People's Republic of China flag in the background. (Photo Illustration by Budrul Chukrut/SOPA Images/LightRocket via Getty Images / Getty Images)

China's Foreign Ministry denied involvement in the hacking attempt.

"We noted this extremely unprofessional report – a patchwork with a broken chain of evidence," said Foreign Ministry Spokesperson Mao Ning on Thursday. "We also noted that the US National Security Agency (NSA) and the cybersecurity agencies of the UK, Australia, Canada and New Zealand, almost simultaneously issued similar reports. Apparently, this has been a collective disinformation campaign launched by the US through the Five Eyes to serve its geopolitical agenda."

Ning went on to accuse the United States of spreading "disinformation."

Fox Business' Kristen Altus, Adam Sabes, Breck Dumas and the Associated Press contributed to this report.


bottom of page