Security News > 2023 > May > Microsoft warns of Volt Typhoon, latest salvo in global cyberwar

Microsoft's warning on Wednesday that the China-sponsored actor Volt Typhoon attacked U.S. infrastructure put a hard emphasis on presentations by cybersecurity and international affairs experts that a global war in cyberspace is pitting authoritarian regimes against democracies.

Microsoft's notification pointed out that Volt Typhoon - which hit organizations in sectors spanning IT, communications, manufacturing, utility, transportation, construction, maritime, government and education - has been pursuing a "Living off the land" strategy focused on data exfiltration since 2021.

According to Armis, he has been predicting these threats since January after finding that 33% of global organizations are not taking the threat of cyberwarfare threats seriously.

Stephen Robinson, a senior threat intelligence analyst at WithSecure, said the cybercriminal ecosystem's mirroring of legitimate business has made it easier for state actors and less sophisticated groups to buy what they can't make.

Nation state actors: Nation state actors use the above tools, which enable them to spin up campaigns and access new victims without being attributed.

In these cases, Microsoft suggests that security operations teams should examine the activity of compromised accounts for any malicious actions or exposed data.

News URL

https://www.techrepublic.com/article/volt-typhoon-global-cyberwar/