Chinese hackers hid in US infrastructure network for 5 years
The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and partner Five Eyes agencies.
Volt Typhoon hackers are known for extensively using living off the land techniques as part of their attacks on critical infrastructure organizations.
The Chinese threat group has successfully breached the networks of multiple critical infrastructure organizations across the United States while mainly targeting the communications, energy, transportation, and water/wastewater sectors.
"Volt Typhoon actors are seeking to pre-position themselves, using living off the land techniques, on IT networks for disruptive or destructive cyber activity against U.S. critical infrastructure in the event of a major crisis or conflict with the United States," CISA warned.
"We have gotten better at all aspects of this, from understanding Volt Typhoon's scope, to identifying the compromises likely to impact critical infrastructure systems, to hardening targets against these intrusions, to working together with partner agencies to combat PRC cyber actors."
The Chinese threat group, also tracked as Bronze Silhouette, has been targeting and breaching U.S. critical infrastructure since at least mid-2021, according to a May 2023 report published by Microsoft.