(March 5): Microsoft Corp warned that an advanced Chinese hacking group is waging a campaign of supply-chain attacks.

The company’s threat intelligence division said in a blog post on Wednesday that the group, known as Silk Typhoon, was targeting remote management tools and cloud applications in order to spy on a range of companies and organisations in the US and abroad.

Microsoft said it observed in late 2024 that hackers were targeting cloud storage services, from which they would steal keys that could be used to access customer data. The group breached state and local government organisations and companies in the technology sector, seeking information on US government policy and documents related to law enforcement investigations.

Silk Typhoon was behind a December hack that targeted the US Treasury Department, compromising more than 400 computers, Bloomberg News previously reported. 

According to Microsoft, the group is “well-resourced and technically efficient” and has “one of the largest targeting footprints” among China-based cyberespionage actors. It has been seen targeting organisations across a wide-range of sectors for the purposes of spying, including those operating in healthcare, legal services, higher education, defence, energy and government, Microsoft said.

Silk Typhoon is distinct from another Chinese hacking group known as Salt Typhoon, which last year was accused of breaching multiple US telecommunications companies.

Uploaded by Felyx Teoh