United States: Microsoft has identified a hacking group called “Flax Typhoon,” based in China, and has aimed its efforts at numerous Taiwanese government agencies, likely with the intention of spying on them.
Flax Typhoon achieves and sustains long-term access to Taiwanese organisations’ networks with minimal use of malware, relying on operating system features and certain typically harmless software to discreetly stay within these networks.
Taiwan, a self-ruled island that China claims as its territory, has consistently accused China of engaging in spying through cyberattacks on its government networks.
”Flax Typhoon has been active since mid-2021 and has targeted government agencies, education, critical manufacturing, and information technology organisations in Taiwan,” the US tech giant said in a blog post.
The activities observed suggest “the threat actor intends to perform espionage and maintain access to organisations across a broad range of industries for as long as possible. However, Microsoft has not observed Flax Typhoon act on final objectives in this campaign,” Microsoft stated.
China has previously pledged to acquire Taiwan, even if it requires the use of force, and has intensified both military and political pressure on the island.
Last month, Microsoft reported that hackers based in China, aiming to gather intelligence, had successfully infiltrated the email accounts of several US government agencies.
The hacking group, referred to by Microsoft as Storm-0558, mainly specializes in activities related to espionage, stealing data, and gaining access to credentials.
This year, Microsoft issued a warning that Chinese state-sponsored hackers had infiltrated crucial US infrastructure networks with the likely intention of disrupting the United States in case of a conflict. Microsoft specifically highlighted Guam, a significant US Pacific territory housing a crucial military base, as a targeted location.