Volt Typhoon not the only Chinese crew lurking in US energy, critical networks
Volt Typhoon isn't the only Chinese spying crew infiltrating computer networks in America's energy sector and other critical organizations with the aim of wrecking equipment and causing other headaches, the US government has said.
Last week, the FBI said it obtained search warrants and issued a remote kill command to wipe Volt Typhoon's botnet after the gang infected hundreds of end-of-life routers with backdoor malware to break into critical infrastructure networks.
She declined to identify the other Beijing-backed gangs that have been found burrowing into US critical infrastructure.
The US Department of Energy's Mara Winn echoed this assessment, and noted that DOE has been working with energy system owners and operators "over the last several months" to detect compromised systems and stamp out the intruders.
"Our assessment is that the threat is actively positioning itself on critical infrastructure IT networks with the explicit goal of being able to disrupt the functioning of operational technology," said Winn, the deputy director for preparedness, policy, and risk assessment in the DOE's Office of Cybersecurity, Energy Security, and Emergency Response.
"OT systems could be manipulated to cause major shutdowns of essential services, or even to create dangerous conditions," he told The Register.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/07/its_not_just_volt_typhoon/