Chinese-linked firm building near US military bases: Report

[Laodicean60]

I'm not asking Google

Willful Ignorance read the article you'll get the idea.

 

[iluvatar5150]

Did you not say, "major trading partners"? Now, how about Russia who we trade with? Russia and China are the Two major threats unless you can come up with more.

You can google it, but I'll help you out.

Survey of Chinese Espionage in the United States Since 2000 | Strategic Technologies Program | CSIS

Willful Ignorance read the article you'll get the idea.

IOW, you can’t actually articulate the specific threat posed by having them within a 1-2 hour drive of a base. All you can say is “they spy on us” and then hope we buy into your inferences.

Something that jumped out as me was that the chart in your article showed a big jump in espionage attempts during the Trump years and a modest decline since then.

 

[Vambram]

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog

Chinese state-sponsored actor Volt Typhoon is using stealthy techniques to target US critical infrastructure, conduct espionage, and dwell in compromised environments.

www.microsoft.com

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.

Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States. In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible. Microsoft is choosing to highlight this Volt Typhoon activity at this time because of our significant concern around the potential for further impact to our customers. Although our visibility into these threats has given us the ability to deploy detections to our customers, the lack of visibility into other parts of the actor’s activity compelled us to drive broader community awareness and further investigations and protections across the security ecosystem.

To achieve their objective, the threat actor puts strong emphasis on stealth in this campaign, relying almost exclusively on living-off-the-land techniques and hands-on-keyboard activity. They issue commands via the command line to (1) collect data, including credentials from local and network systems, (2) put the data into an archive file to stage it for exfiltration, and then (3) use the stolen valid credentials to maintain persistence. In addition, Volt Typhoon tries to blend into normal network activity by routing traffic through compromised small office and home office (SOHO) network equipment, including routers, firewalls, and VPN hardware. They have also been observed using custom versions of open-source tools to establish a command and control (C2) channel over proxy to further stay under the radar.

 

[Laodicean60]

IOW, you can’t actually articulate the specific threat posed by having them within a 1-2 hour drive of a base. All you can say is “they spy on us” and then hope we buy into your inferences.

Something that jumped out as me was that the chart in your article showed a big jump in espionage attempts during the Trump years and a modest decline since then.

Lol the article speaks for me and if you can't see it then I know no amount of my words are going to enlighten you. [bless and do not curse][bless and do not curse][bless and do not curse] Trump again lol. I won't get into your tribal warfare. Peace

 

[Belk]

Willful Ignorance read the article you'll get the idea.

Did you write the article? If not then no I will not "get the idea" of what your fears are.

 

[Vambram]

Did you write the article? If not then no I will not "get the idea" of what your fears are.

Please read post #23 of this thread.

 

[Pommer]

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog

Chinese state-sponsored actor Volt Typhoon is using stealthy techniques to target US critical infrastructure, conduct espionage, and dwell in compromised environments.

www.microsoft.com

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.

Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States. In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible. Microsoft is choosing to highlight this Volt Typhoon activity at this time because of our significant concern around the potential for further impact to our customers. Although our visibility into these threats has given us the ability to deploy detections to our customers, the lack of visibility into other parts of the actor’s activity compelled us to drive broader community awareness and further investigations and protections across the security ecosystem.

To achieve their objective, the threat actor puts strong emphasis on stealth in this campaign, relying almost exclusively on living-off-the-land techniques and hands-on-keyboard activity. They issue commands via the command line to (1) collect data, including credentials from local and network systems, (2) put the data into an archive file to stage it for exfiltration, and then (3) use the stolen valid credentials to maintain persistence. In addition, Volt Typhoon tries to blend into normal network activity by routing traffic through compromised small office and home office (SOHO) network equipment, including routers, firewalls, and VPN hardware. They have also been observed using custom versions of open-source tools to establish a command and control (C2) channel over proxy to further stay under the radar.

This is worthy of a thread all on its own; why’s it derailing this one?

 

[Vambram]

This is worthy of a thread all on its own; why’s it derailing this one?

I believe that the topics of both new articles in this thread are inter-related.

 

[Pommer]

I believe that the topics of both new articles in this thread are inter-related.

Ah, I missed that you were the OP (and can set the topics), mea culpa.
Does it seem odd that a corporation is taking upon itself the role of “a thing a government might do”?

 

[Belk]

Please read post #23 of this thread.

OK. Read it and the associated description of how ATP intercepts it. What about it?

 

[Vambram]

Ah, I missed that you were the OP (and can set the topics), mea culpa.
Does it seem odd that a corporation is taking upon itself the role of “a thing a government might do”?

Considering that the Chinese communist party has a very significant amount of control over Chinese corporations, I don't find it to be odd at all that this is happening.

 

[Pommer]

Considering that the Chinese communist party has a very significant amount of control over Chinese corporations, I don't find it to be odd at all that this is happening.

I was speaking about Microsoft issuing a warning about Chinese IP products.

 

[Nithavela]

"70 miles" doesn't sound very near to me. From the thread title I would have thought it was in eyesight or something.

 

[Vambram]

I was speaking about Microsoft issuing a warning about Chinese IP products.

I am of the opinion that the current federal administration doesn't do nearly enough to keep our nation's key technology infrastructures safe from Chinese IP products. I believe that the Chinese communist party should be considered an enemy of the USA.

 

[Hans Blaster]

The Daily Caller is really going to lose it's mind when the staff realize that the Chinese Embassy is 7 miles from the Pentagon!

And less than 4 miles from the White House. The president must be compromised!

View attachment 340777

Too late.

 

[RDKirk]

I am of the opinion that the current federal administration doesn't do nearly enough to keep our nation's key technology infrastructures safe from Chinese IP products. I believe that the Chinese communist party should be considered an enemy of the USA.

You're 'way late to start worrying now.

I began worrying back in the latter 90s when Congress put the kibosh on most of the military and intelligence community using US-made, proprietary-design personal computer hardware and required us to buy our PCs "off the shelf." You couldn't even plug a store-bought mouse into them.

Even by then, "off the shelf" meant devices with Chinese components and commercial standard plug-ins. If the Chinese aren't planting worms in fake motherboard resistors, they're not as smart as I think they are.

 

[FireDragon76]

It's ok if you trust China fully but I don't. From their past actions they are not benefiting Americas interest. I guess you trust Russia because they were a trading partner also.

Russia is far less a trading partner with the US than China.

 

[Pommer]

It's ok if you trust China fully but I don't. From their past actions they are not benefiting Americas interest. I guess you trust Russia because they were a trading partner also.

In international affairs “trading-partners“ are the enemies that one keeps “closer”.

 

[Pommer]

I bet most bases have a walmart nearby and 90% of that place is Chinese.

“Chairman President Xi allowed the Americans to think the ‘invasion’ was on their Southern Border, during his great bric-a-brac infiltration plan #17!”—2043 history chip, probably.

 

[Pommer]

Did you write the article? If not then no I will not "get the idea" of what your fears are.

[devil’s advocate] “This article is my opinion” would be too blunt a way to put it but this, (if seen as a challenge to their own “honesty”) that they cannot think of a better way ro explain about what they think except by quoting the media they pretend to hate. Quoting fear pieces is all the far as some can go in “political thought”, so they run with it. [/da]