Security News > 2024 > February > US says China's Volt Typhoon is readying destructive cyberattacks
The US government today confirmed that China's Volt Typhoon crew comprised "Multiple" critical infrastructure org's IT networks, and warned that the state-sponored hackers are readying "Disruptive or destructive cyberattacks" against these targets.
"Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the US authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," the 12 government agencies warned.
According to the US agencies, Volt Typhoon will likely use this network access for disruptive attacks in the event of geopolitical tensions or military conflicts.
This follow's last week's similar warning from FBI Director Christopher Wray that Chinese attackers are preparing to "Wreak havoc" on American infrastructure, and the Justice Department's disclosure that Volt Typhoon infected "Hundreds" of outdated Cisco and Netgear equipment with malware in an attempt to break into US critical infrastructure facilities.
While the threat to American critical infrastructure appears to be the highest, should US facilities be disrupted, "Canada would likely be affected as well, due to cross-border integration," according to CCCS. Australian and New Zealand critical infrastructure could be vulnerable as well.
These include: apply patches for internet-facing systems with priority given to appliances that Volt Typhoon likes to exploit.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/07/us_chinas_volt_typhoon_attacks/
Related news
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- China has utterly pwned 'thousands and thousands' of devices at US telcos (source)
- T-Mobile US takes a victory lap after stopping cyberattacks: 'Other providers may be seeing different outcomes' (source)