Chinese hackers have been in US infrastructure for at least five years


China-backed hacking group Volt Typhoon has been identified as having “persistent” access to various sectors of U.S. critical infrastructure for “at least five years,” marking a concerning escalation in cyber threats. Targeting essential services such as water, transportation, energy, and communications, the hackers have exploited vulnerabilities in routers, firewalls, and VPNs. Volt Typhoon’s operations, which use stolen administrator credentials, pose a significant risk of disruption to critical systems.

The U.S. Cybersecurity and Infrastructure Security Agency, along with the National Security Agency and the Federal Bureau of Investigation, issued an advisory highlighting the need for critical infrastructure operators to fortify their cybersecurity measures. Volt Typhoon’s tactics include “living off the land” techniques, which complicate detection efforts by using the network’s own tools and processes against it.

This advisory comes amid growing concerns that China might leverage such cyber intrusions in strategies related to geopolitical tensions, notably the situation with Taiwan. Collaborative efforts from intelligence agencies in Canada, Australia, and New Zealand have also been noted, indicating a broader concern for global critical infrastructure security.

U.S. officials are urging operators to implement security best practices, such as applying software updates, enabling multi-factor authentication, and maintaining activity logs to monitor suspicious behavior. This situation underscores the vulnerabilities in U.S. critical infrastructure and the imperative for comprehensive cybersecurity defenses.

Sources include: Axios

 
