Bloomberg has reported that the U.S. government has detected a Chinese cyber-espionage effort aimed at disrupting essential services on Guam. This U.S. territory serves as a crucial military base in the remote Mariana Islands in the Pacific. The Chinese initiative, named Volt Typhoon, is designed to interfere with both military and civilian activities in the event of a conflict involving Taiwan. The campaign’s main strategy includes penetrating operational technologies to lay the groundwork for possible sabotage, exposing Guam to significant security risks.
The method employed by Volt Typhoon involves impersonating authorized users, which sets it apart from other hacks that focus on stealing data. This particular scheme aims to seize control over vital infrastructure, including water treatment facilities, electrical grids, and telecommunications networks. The stealthy nature of Volt Typhoon means that it can often only be spotted through subtle irregularities such as atypical login behaviors. This is precisely how it came to light when the Guam Power Authority (GPA), the island’s sole electricity provider, caught the attention of U.S. investigators in 2022 after unusual network activity was observed by Melvyn Kwek, the head of cybersecurity at GPA.
Given that GPA provides roughly 20% of its power to the U.S. Navy, its importance cannot be overstated, both for civilian life and military operations. Guam’s proximity to China and its strategic position near major U.S. military bases close to Japan, Taiwan, and the Philippines make it a prime target for cyberattacks that could cripple essential services and disrupt U.S. military capabilities in the Pacific.
According to the report, high-profile entities like Docomo Pacific, a subsidiary of Japan’s NTT Docomo, are still recovering from security breaches. The initial clues of Volt Typhoon’s activities surfaced in 2021 when Microsoft researchers were investigating a cyberattack on a port in Houston. Subsequent probes uncovered several breaches, including intrusions into federal networks that were thought to be secure.
In response, federal organizations including the FBI, NSA, and Coast Guard have mobilized teams to Guam, setting up surveillance systems within the power grids, ports, and communication infrastructures. However, the fragmented nature of Guam’s infrastructure, primarily controlled by private companies, poses significant challenges for unified defensive strategies. This issue is compounded by local skepticism and reluctance, which have hindered the implementation of robust security measures.
Illustrating this mistrust, GPA turned down network monitoring services from Google’s Mandiant, citing concerns over external control. Moreover, during a congressional visit in 2024, competing local telecom firms were hesitant to disclose their security weaknesses, choosing instead to keep a low profile, as highlighted in the Bloomberg piece.