Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infr…
Security Week – Ryan Naraine
During the 2023 ICS Cybersecurity Conference, John Hultquist, Chief Analyst at Mandiant Intelligence, highlighted the urgent need to detect and remove traces of Volt Typhoon, a Chinese government-backed hacking group.
Volt Typhoon has shifted its focus from economic espionage and IP theft to deliberately targeting critical infrastructure installations in Guam and the United States.
The campaign aims to infiltrate critical infrastructure while remaining undetected.
It has been discovered in various sectors, including telecommunications, logistics, power, and water.
The National Security Agency (NSA) believes that Volt Typhoon may be preparing for a disruptive event in the event of a wartime scenario.
The campaign utilizes botnets and zero-days to maintain operational security.
Hultquist emphasized the importance of patching and mitigations for internet-facing edge devices and network routers.
Defenders should pay attention to the Volt Typhoon situation and the current situation in the Middle East due to potential responses from Iran.
Link: https://www.securityweek.com/mandiant-intelligence-chief-raises-alarm-over-chinas-volt-typhoon-hackers-in-us-critical-infrastructure/