The US is facing another large-scale cyber espionage conducted by China. This time, the target was the small Pacific island of Guam, with its US military bases. The island is strategically important for the defence of the Pacific and would play a significant role if China decided to escalate the situation over Taiwan. Moreover, the incident took place shortly after the discovery and shooting of a Chinese spy balloon over US territory. Beijing’s already deteriorating relations with Washington are thus taking another blow. In addition, the attack has sparked a heated debate among security experts about China’s future intentions.
A Chinese hacking group with links to Beijing, known as Volt Typhoon, is believed to be behind the attack, according to Microsoft’s findings. China, however, rejects these allegations on principle, as it believes there is insufficient evidence. Instead of explaining the situation, Foreign Minister Mao Ning verbally attacked the US, accusing it of being a “hacking power”.
The targets of the Guam cyberattacks were local US military bases and telecommunications services. A report produced by the intelligence services of the UK, New Zealand, Australia, the US and Canada jointly with Microsoft shows that the Chinese malware was only used for cyber espionage this time. However, the same code could be used to disrupt communications infrastructure and services on the island in the future. This would particularly affect the service sector, transport, manufacturing and the aforementioned communications. It is this fact that raises concerns about Beijing’s intentions. These are key sectors during a crisis for mobilizing forces and organizing a clear response to an armed conflict. A slowdown in communication and information exchange may cause chaos and the ability to respond quickly and effectively. The island is home to Anderson Air Force Base and the submarine port, which are key to coordinating the military response in the region.
Hackers have been very cautious when infecting devices and systems on Guam in an effort to make it difficult, if not outright impossible, for the US side to detect them. Therefore, they chose to use the victims’ home routers or their Internet-connected devices. In this way, the attackers gained remote access to the server of the victims’ devices. Thanks to this, the infected devices could even be used in the future for destructive attacks against critical infrastructure. However, Chinese hackers generally use cyber espionage to gain information rather than conduct destructive operations. Thus, Chinese malicious codes largely do not contain parts that allow systems to be rendered inoperable.
Nevertheless, China’s actions should not be taken lightly. Despite Guam’s relatively low profile, the territory is considered strategic because of its location. The island is the westernmost American territory, located relatively close to Taiwan compared to other American territories. There are also military bases and ports on Guam that Washington could use in the event of an attack on Taiwan. The cyberattacks on strategic points could prevent a fast and effective US response to a possible invasion of Taiwan. This is an important indicator of the Chinese threat. One of the lessons of the war in Ukraine is the importance of not underestimating the signs of a possible escalation. The start of the Russian aggression was preceded by large-scale cyber-attacks, which pointed towards the outbreak of open conflict.
Since the outbreak of the war in Ukraine, there have been intense discussions about whether China might decide to take advantage of the international community’s preoccupation to invade Taiwan, which Peking considers to be its territory. Speculation has also been fuelled by the growing assertiveness of the Chinese armed forces, which have intensified military exercises near the island in recent months. At the moment, the fact that Beijing is still observing the international community’s response to the Russian “special operation” is playing in Taiwan’s favour since the implications for the country and its leaders are still not entirely clear. Malware has also not yet been used for destructive attacks, which would be likely in the event of an intended invasion of Taiwan. In any case, China’s operations should be treated with the utmost caution and circumspection and treated as a potential threat.
Photo credit: Canva.com