U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks

March 20, 2024 at 02:30AM The EPA has formed a “Water Sector Cybersecurity Task Force” to address cyber threats to water systems. The EPA Administrator and the National Security Advisor emphasize the need to secure water and wastewater systems from cyber attacks. CISA has warned of the “urgent risk posed by Volt Typhoon” targeting critical infrastructure. …

CISA shares critical infrastructure defense tips against Chinese hackers

March 19, 2024 at 04:25PM U.S. and partner cybersecurity agencies issued warnings against the Chinese hacking group, Volt Typhoon, targeting critical infrastructure. They provided defense tips and urged infrastructure leaders to empower their cybersecurity teams. The group has breached U.S. critical infrastructure, posing risks of disruption during military conflicts. Additionally, the FBI disrupted the group’s botnet. …

Fortress Information Security Deploys Automated Patch Notification and Authenticity Tool

February 26, 2024 at 05:25PM Summary: CISA, NSA, and FBI warn of U.S. critical infrastructure attacks by “Volt Typhoon,” linked to CCP. Fortress Information Security partners with power companies to mitigate exposure, offering File Integrity Assurance (FIA) for compliance with CIP standards. Research reveals a high likelihood of vulnerabilities in software from Russia or China, emphasizing …

Volt Typhoon Seen Exfiltrating Sensitive OT Data

February 20, 2024 at 09:03AM The industrial cybersecurity firm Dragos has identified Volt Typhoon, a hacker group linked to the Chinese government, as a serious threat to organizations using industrial control systems (ICS) or operational technology (OT). The group’s cyberespionage activities and potential for disruption in critical infrastructure are highlighted in Dragos’ 2023 ICS/OT Cybersecurity …

China’s Volt Typhoon spies broke into emergency network of ‘large’ US city

February 14, 2024 at 04:05PM The Chinese government’s Volt Typhoon spy team has compromised a US city’s emergency services network and is targeting American telecom providers alongside ongoing reconnaissance of electric companies. Dragos CEO Robert Lee expressed concern over the strategic nature of the targets. The espionage extends to African electric providers, and the spies have …

China’s Cyberattackers Maneuver to Disrupt US Critical Infrastructure

February 7, 2024 at 06:20PM CISA’s report reveals that the China-backed Volt Typhoon APT is targeting critical infrastructure, pivoting to operational technology networks. Concerns arise over potential disruption in the event of geopolitical tensions. The APT has remained undetected in US infrastructure for five years, using legitimate accounts and LOTL techniques. It also targets Australian, …

Volt Typhoon not the only Chinese crew lurking in US energy, critical networks

February 7, 2024 at 05:53PM The US government warns that beyond Volt Typhoon, other Chinese cyber espionage groups are infiltrating critical American infrastructure, seeking to steal data and disrupt operations. Concerns about potential sabotage and data theft persist, prompting collaboration between government agencies and critical industry sectors to identify and eliminate compromised systems. This raises …

Chinese hackers hid in US infrastructure network for 5 years

February 7, 2024 at 03:11PM The Chinese cyber-espionage group Volt Typhoon infiltrated U.S. critical infrastructure networks, remaining undetected for at least five years. They use living-off-the-land techniques, stolen accounts, and strong operational security to maintain long-term access. U.S. authorities warn of potential disruption to critical infrastructure, with mitigation advice provided alongside the …

US says China’s Volt Typhoon is readying destructive cyberattacks

February 7, 2024 at 02:19PM The US government confirmed that China’s Volt Typhoon hackers compromised critical infrastructure IT networks, preparing for disruptive cyberattacks in the US and its territories. The group targeted communication, energy, transportation, and water systems. Twelve government agencies, including CISA, NSA, and FBI, warned of potential disruptive attacks and provided mitigation actions …

Chinese hackers fail to rebuild botnet after FBI takedown

February 7, 2024 at 10:27AM Chinese Volt Typhoon hackers failed to revive a botnet, previously used in U.S. infrastructure attacks, that was taken down by the FBI. After the dismantling, FBI control prevented re-hijacking attempts, while Black Lotus Labs’ null-routing thwarted revival efforts. The hackers’ past breach targets included U.S. military organizations, telcos, and a European energy firm. …