Priya PatelA recent cybersecurity advisory warns that a Chinese-sponsored cyberthreat group called Volt Typhoon is targeting critical infrastructure sectors in the U.S., including communications, utilities, energy, and transportation. The advisory, issued by the Cybersecurity and Infrastructure Security Agency (CISA), along with the NSA, FBI, and similar departments from the United Kingdom, Australia, Canada, and New Zealand, highlights Volt Typhoon’s use of “living off the land” techniques to compromise the systems of critical infrastructure entities. The advisory provides guidance for detecting and mitigating Volt Typhoon’s activities, including deploying patches for vulnerable software and reporting any suspected activity to CISA or the FBI.
CISA Director Jen Easterly emphasized the seriousness of the Chinese cyber threat, stating that while CISA has already identified and eliminated Volt Typhoon intrusions into critical infrastructure, there is likely much more activity that remains undetected. Easterly urged all critical infrastructure organizations to review and implement the recommended actions in the advisory and report any suspicious activity to CISA or the FBI.
