The size of the reach is large
“Volt Typhoon redirects all network traffic to its destinations through compromised SOHO network end devices (including routers). Most devices, including those manufactured by Microsoft, ASUS, Cisco, D-Link, NETGEAR, and Zyxel, are supported by the owner’s HTTP or IP address,” Microsoft said in a statement. Confirmed that it allows it to open SSH management interfaces to the Internet.”
Affected sectors are critical
Microsoft said the affected organizations include the communications, manufacturing, utility, transportation, construction, maritime, government, information technology and education sectors.
Microsoft said it notified customers that were targeted or compromised and gave instructions on identifying an attack. Microsoft also urged those affected by this hack to close all compromised accounts or change their credentials.
It wasn’t just Microsoft that issued the warning. Officials in the US, Australia, Canada, New Zealand and the UK, which make up the Five Eyes intelligence network, also issued a statement. In the statement, it was emphasized that the Volt Typhoon group was supported by the Chinese government.
China denied the allegations
One of the biggest attacks the US has recently blamed on China was the attack on Microsoft Exchange in 2021. Last February, Federal Bureau of Investigation Director Christopher Wray said that China is responsible for more cyberattacks against the United States than all other countries combined.