FBI director Christopher Wray warned that Chinese hackers have infiltrated US critical infrastructure, targeting companies in telecommunications, energy, water, and 23 pipeline operators, with the intent to potentially cause devastating damage. China's broader intent is seen as a means to deter the US from defending Taiwan, although China denies government involvement and claims the hacking is unrelated to them. The hackers operate botnets to conceal their activities, and private sector companies have attributed the attacks to China.
FBI Director Christopher Wray warned that Chinese hackers associated with the group Volt Typhoon are poised to launch a devastating attack on U.S. critical infrastructure, having gained access to various sectors including energy and water. While China denies government involvement, security researchers have linked the group to the country. The hackers' activities align with China's broader geopolitical goals, and their aim is to induce panic and spy on organizations without detection. The U.S. is on high alert as China seeks to secure access to critical networks before a direct confrontation.
FBI Director Christopher Wray warned that Chinese government-linked hackers have infiltrated U.S. critical infrastructure through an ongoing hacking campaign known as Volt Typhoon, targeting companies in telecommunications, energy, water, and other critical sectors. Wray expressed concerns about China's ability to cause havoc on American infrastructure at a time of its choosing, potentially inducing panic. China denied government involvement, attributing Volt Typhoon to a criminal ransomware group, while the FBI pointed to evidence linking the cyber activities to China.
CISA has issued a fact sheet warning critical infrastructure leaders about the urgent risk posed by Volt Typhoon, a state-sponsored cyber threat from the People's Republic of China. The fact sheet provides guidance on specific actions to prioritize the protection of organizations from this threat activity and urges leaders to read the guidance to defend against the threat. Additionally, CISA recommends referring to related resources for more information on Volt Typhoon and secure design principles and practices.
US and allied intelligence agencies have revealed that a sophisticated group of Chinese hackers, known as Volt Typhoon, has been targeting critical US infrastructure including aviation, rail, mass transit, highway, maritime, pipeline, water, and sewage systems for as long as five years. The group has been observed maintaining access within some victim IT environments, raising concerns about potential sabotage rather than espionage. The US government has sought assistance from private technology industry to track and counter this malicious cyber activity.
The U.S. government has revealed that the Chinese state-sponsored hacking group Volt Typhoon has infiltrated critical infrastructure networks in the U.S. and Guam for at least five years, aiming to pre-position themselves for disruptive or destructive cyber attacks in the event of a major crisis or conflict. The group, also known as Bronze Silhouette, employs stealthy tactics and living-off-the-land techniques to operate discreetly and maintain long-term, undiscovered persistence. Additionally, a widespread influence campaign linked to a Beijing public relations firm has been uncovered, pushing pro-China content across a network of impersonating local news websites in Europe, Asia, and Latin America.
US and allied intelligence agencies have revealed that a sophisticated Chinese hacking group known as "Volt Typhoon" has been targeting US critical infrastructure, including aviation, rail, mass transit, and more for the past five years. The group, which is believed to be focused on sabotage rather than espionage, has prompted the US government to seek assistance from private technology companies in tracking its activity. The joint statement from the US, Britain, Australia, Canada, and New Zealand's cybersecurity agencies highlights the ongoing concern over malicious cyber activity from China and the need for coordinated efforts to combat it.
The US government has launched an operation to combat a widespread Chinese hacking campaign known as Volt Typhoon, which has targeted thousands of internet-connected devices and poses a threat to critical infrastructure including naval ports, internet service providers, and utilities. The Justice Department and FBI have been authorized to remotely disable aspects of the hacking campaign, and the Biden administration is increasingly focused on addressing hacking threats. Concerns have been raised about the potential for these hacks to disrupt facilities supporting US military operations in the Indo-Pacific region, particularly in the event of a Chinese invasion of Taiwan.
A report reveals that state-sponsored Chinese hackers may have breached more than two dozen US systems, targeting critical infrastructure such as water utilities, ports, and oil and gas pipelines. Experts believe this is part of China's long-term strategy to distract or infect American commerce and infrastructure in the event of a conflict over Taiwan. The hackers aim to infiltrate systems unnoticed, gather information, and launch ransomware attacks at vulnerable moments. The US is currently lagging behind in cybersecurity and faces the challenge of catching up to China's hacking capabilities.
Chinese military hackers affiliated with the People's Liberation Army have infiltrated the computer systems of about two dozen critical entities in the United States, including power and water utilities, ports, and oil and gas pipelines, as part of an effort to disrupt key American infrastructure in the event of a U.S.-China conflict in the Pacific. The cyber campaign, known as Volt Typhoon, aims to sow panic, chaos, and logistical disruptions. The hackers have also targeted entities outside the U.S. The intrusions have not caused disruptions or affected industrial control systems, but they highlight China's intent to complicate U.S. efforts to project power in the Asia-Pacific region. The U.S. government and private sector are working to improve coordination and share information to defend against these cyber threats.
Suspected Chinese state-sponsored hacking group, Volt Typhoon, breached the US Navy as part of a broader campaign to disrupt communications in the Pacific region ahead of a possible crisis, according to Microsoft. The hackers gained access to targets in the US and Guam, home to a key US military installation in the Pacific. Microsoft said it had "moderate confidence" the breaches were carried out in preparation for future disruption.
The US Navy has been impacted by the Chinese state-sponsored hack revealed by Microsoft on Wednesday, according to Secretary of the Navy Carlos Del Toro. The hacking campaign, carried out by Volt Typhoon, is pursuing the development of capabilities that could disrupt critical communications infrastructure between the US and Asia region during future crises. The US Cybersecurity & Infrastructure Security Agency (CISA) warned that Volt Typhoon could apply the same techniques against infrastructure networks across the US and other sectors worldwide. Microsoft said the intrusion campaign placed a strong emphasis on stealth and sought to blend into normal network activity by hacking small-office network equipment, including routers.
The US State Department has warned that China is capable of launching cyberattacks against critical United States infrastructure, including oil and gas pipelines as well as rail systems, after researchers discovered a Chinese hacking group had been spying on such networks. The espionage group – dubbed “Volt Typhoon” by Microsoft – was the subject of an alert issued by cybersecurity and intelligence agencies in the US, Australia, Canada, New Zealand and the United Kingdom – known as the “Five Eyes” – on Wednesday. The Chinese government called the joint warning issued this week by the US and its allies a “collective disinformation campaign”.
China may be preparing for conflict after Microsoft warned of potential cyber attacks on US critical infrastructure by Chinese state-sponsored actor Volt Typhoon. Policy expert Jonathan D.T. Ward said the group likely targeted a wide range of critical infrastructure, including communications, manufacturing, utilities, transportation, construction, maritime government, information technology and education sectors. The US Cybersecurity & Infrastructure Security Agency and international cybersecurity authorities issued a joint Cybersecurity Advisory warning that Volt Typhoon could apply the same techniques against infrastructure networks across the US and other sectors worldwide. China's main objective remains to restructure the global economy with the PRC in the center.
Chinese cyberespionage group Volt Typhoon has been targeting critical infrastructure organizations across the United States, including government, maritime, communications, manufacturing, information technology, utilities, transportation, construction, and education. Microsoft warns that the group is pursuing capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. The group uses compromised small office and home office (SOHO) network equipment and open-source tools to evade detection. The attacks are likely part of a concerted effort to provide China with access in the event of a future conflict between the two countries.
