We know nations are going after critical systems, but what happens when crims join in?
2024-01-31 17:15

Volt Typhoon, the Chinese government-backed cyberspies whose infrastructure was at least partially disrupted by Uncle Sam, has been homing in on other US energy, satellite and telecommunications systems, according to Robert Lee, CEO of security shop Dragos.

"We've been involved in incident response cases, as well as using our intelligence and capabilities to track that group and identify where they've been targeting," Lee said.

Pipedream is industrial control system-specific malware that Dragos uncovered in April 2022 after spotting it in an unnamed organization's OT environment.

"What concerns me is other countries are working on very similar capabilities," Lee said.

"Criminal actors no longer needed to develop their own capabilities, malicious software vulnerabilities, etc.," Lee said.

When Cobalt Strike became available, "You saw massive amounts of criminal groups spin up overnight being able to leverage it. When Pipedream or Pipedream-like capabilities leak out in the community, they will be the Cobalt Strike of OT. That's the stuff that worries me."


News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/31/critical_infrastructure_hacking/