Volt Typhoon not the only Chinese crew lurking in US energy, critical networks

February 7, 2024 at 05:53PM The US government warns that beyond Volt Typhoon, other Chinese cyber espionage groups are infiltrating critical American infrastructure, seeking to steal data and disrupt operations. Concerns about potential sabotage and data theft persist, prompting collaboration between government agencies and critical industry sectors to identify and eliminate compromised systems. This raises …

Chinese hackers hid in US infrastructure network for 5 years

February 7, 2024 at 03:11PM The Chinese cyber-espionage group Volt Typhoon infiltrated U.S. critical infrastructure networks, remaining undetected for at least five years. They utilize living off the land techniques, stolen accounts, and strong operational security to maintain long-term access. U.S. authorities warn of potential disruption to critical infrastructure, with mitigation advice provided alongside the …

US says China’s Volt Typhoon is readying destructive cyberattacks

February 7, 2024 at 02:19PM The US government confirmed that China’s Volt Typhoon hackers compromised critical infrastructure IT networks, preparing for disruptive cyberattacks in the US and its territories. The group targeted communication, energy, transportation, and water systems. Twelve government agencies, including CISA, NSA, and FBI, warned of potential disruptive attacks and provided mitigation actions …

Chinese hackers fail to rebuild botnet after FBI takedown

February 7, 2024 at 10:27AM Chinese Volt Typhoon hackers failed to revive a botnet previously used in U.S. infrastructure attacks, taken down by the FBI. After dismantling, FBI control prevented re-hijacking attempts, while Black Lotus Labs’ null-routing thwarted revival efforts. The hackers’ past breach targets included U.S. military organizations, telcos, and a European energy firm. …

U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers

February 4, 2024 at 12:19PM The U.S. government neutralized the China-linked Volt Typhoon botnet hijacking U.S.-based SOHO routers vulnerable due to end-of-life status. The botnet facilitated covert data transfer through compromised routers and VPN hardware, impacting critical infrastructure sectors. Law enforcement efforts aimed to disrupt the botnet’s activities, emphasizing the need for secure-by-design practices in …

Feds Confirm Remote Killing of Volt Typhoon’s SOHO Botnet

February 1, 2024 at 04:54PM US law enforcement disrupted the China-sponsored cyberattack group Volt Typhoon, known for managing a botnet to launch attacks on US critical infrastructure. The FBI used a kill switch to delete the malware from routers and sever their connection to the botnet. However, experts believe the group will rebuild, but US …

China Infiltrates US Critical Infrastructure in Ramp-up to Conflict

February 1, 2024 at 03:35PM China is rapidly enhancing its military, including cyber operations, to deter and confront the United States. Chinese cyberattackers are increasingly targeting critical infrastructure, indicating a strategic shift in tactics. US officials and experts are deeply concerned about China’s disruptive cyber activities and the increasing difficulty in detecting these attacks. This …

FBI confirms it issued remote kill command to blow out Volt Typhoon’s botnet

January 31, 2024 at 02:27PM China’s Volt Typhoon cyber attackers utilized outdated Cisco and NetGear routers infected with malware to target US critical infrastructure facilities. The FBI intercepted the attack, harvested key data, then wiped the KV Botnet. FBI Director Christopher Wray warned of China targeting US communications, energy, transportation, and water sectors. Law enforcement …

We know nations are going after critical systems, but what happens when crims join in?

January 31, 2024 at 12:17PM Volt Typhoon, a Chinese-government-backed cyberespionage group, has been targeting US energy, satellite, and telecommunications systems, according to security firm Dragos’ CEO Robert Lee. The group’s tactics, which include a slow and strategic approach, have raised concerns about potential disruptions to critical infrastructure. Lee also highlighted the threat posed by the …

CISA: Vendors must secure SOHO routers against Volt Typhoon attacks

January 31, 2024 at 11:15AM CISA and the FBI have issued a warning to small office/home office (SOHO) router manufacturers to enhance security against attacks by Chinese state-backed hacking group Volt Typhoon. The agencies urge eliminating vulnerabilities, automating security updates, and safeguarding against Volt Typhoon activity. This follows ongoing attacks targeting U.S. critical infrastructure organizations …