You are here

Reuters Reports U.S. Disrupts Chinese (Volt Typhoon) Threat to Critical Infrastructure

Reuters Reports U.S. Disrupts Chinese (Volt Typhoon) Threat to Critical Infrastructure

Created: Tuesday, January 30, 2024 - 15:44
Categories:
Cybersecurity, OT-ICS Security

For months, WaterISAC has been tracking and sharing various developments regarding Chinese state-affiliated actors, Volt Typhoon and the threat this group’s tactics pose to U.S. critical infrastructure, including water and wastewater infrastructure. Earlier today, Reuters published an exclusive report highlighting recent U.S. government actions to fight this pervasive threat. WaterISAC is providing this developing situation for awareness and will continue to track and report accordingly.

According to Reuters: The U.S. government in recent months launched an operation to fight a pervasive Chinese hacking operation that successfully compromised thousands of internet-connected devices, according to two Western security officials and one person familiar with the matter.

The Justice Department and Federal Bureau of Investigation sought and received legal authorization to remotely disable aspects of the Chinese hacking campaign, the sources told Reuters.

The hacking group at the center of recent activity, Volt Typhoon, has especially alarmed intelligence officials who say it is part of a larger effort to compromise Western critical infrastructure, including naval ports, internet service providers and utilities.

Background: In May, U.S. officials began hinting at a heightened concern level for the potential of disruptive cyber attacks against U.S. critical infrastructure from China. The activity was attributed to a group that Microsoft tracks as Volt Typhoon. A joint Cybersecurity Advisory (AA23-144a) was also published in May describing Volt Typhoon’s behavior, notably the capability to remain hidden in networks for an extended period due to significant use of living off the land techniques (described in the advisory). Additionally, WaterISAC’s June 28th Cyber Threat Briefing included an overview by EPA and CISA of Volt Typhoon and living off the land techniques that impressed concern for sector entities.

For more, please visit Reuters.

Additional relevant resources shared by WaterISAC regarding Volt Typhoon activity: