Microsoft and NSA Reveals Presence of Surveillance Malware in Guam Island

Guam is a US island south of Japan in the Pacific ocean. It houses the Andersen Air force base and a bunch of US government establishments. According to a report by Microsoft and the National Security Agency (NSA), US computer systems in Guam have been infiltrated by a hacker-group called Volt Typhoon.

Volt Typhoon is allegedly sponsored by the Chinese government. The suspicion is that China is running cyber espionage missions in Guam through the hacker group. Not only is Guam home to the Andersen Air Force base, it is also an important center for US ships. In the event of China launching an invasion of Taiwan, Guam would be the hub of US response. With that in mind, collecting sensitive information from Guam could be crucial for the Chinese war machine.

The hackers are using the living-off-the-land technique to launch their payloads. That means they are using the existing systems and computational power of the victims’ systems to run their malicious operation. They’re also applying the hands-on-the-keyboard approach to consistently maintain their presence in the victims’ systems. In order to mask their presence they send fake data traffic to the systems. 

Also Read – Beware of This Legitimate Looking PayPal Email Scam

The group Volt Typhoon has been active since 2021. It’s not clear since when they’ve been infiltrating the systems in Guam island. US officials opine that the malware attack in Guam is a part of China’s continued efforts of information collection. They’re also connecting the attacks to the recent event where an information collecting balloon floated over US nuclear sites.

The US government led by Joe Biden is stressing on the security of its infrastructure and information. But according to security experts the corrupt accounts in Guam are very difficult to recover, the accounts need to be closed or changed. 

The United States of America has been targeted constantly over the last few years by hackers allegedly from both Russia and China. They have been attacking government institutions and educational establishments. The importance of cyber security awareness among officials is very high at this point.