Security News > 2024 > February > Chinese hackers hid in US infrastructure network for 5 years
The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and partner Five Eyes agencies.
Volt Typhoon hackers are known for extensively using living off the land techniques as part of their attacks on critical infrastructure organizations.
The Chinese threat group has successfully breached the networks of multiple critical infrastructure organizations across the United States while mainly targeting the communications, energy, transportation, and water/wastewater sectors.
"Volt Typhoon actors are seeking to pre-position themselves-using living off the land techniques-on IT networks for disruptive or destructive cyber activity against U.S. critical infrastructure in the event of a major crisis or conflict with the United States," CISA warned.
"We have gotten better at all aspects of this, from understanding Volt Typhoon's scope, to identifying the compromises likely to impact critical infrastructure systems, to hardening targets against these intrusions, to working together with partner agencies to combat PRC cyber actors."
The Chinese threat group, also tracked as Bronze Silhouette, has been targeting and breaching U.S. critical infrastructure since at least mid-2021, according to a May 2023 report published by Microsoft.
News URL
Related news
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- A “cascade” of errors let Chinese hackers into US government inboxes (source)
- Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Chinese snoops use F5, ConnectWise bugs to sell access into top US, UK networks (source)
- US charges Chinese nationals with cyber-spying on pretty much everyone for Beijing (source)
- US critical infrastructure cyberattack reporting rules inch closer to reality (source)
- US Health Dept warns hospitals of hackers targeting IT help desks (source)
- US senator wants to put the brakes on Chinese EVs (source)