Senator Vance issues warning on China-backed Volt Typhoon threat to US critical infrastructure

In a letter to the Cybersecurity and Infrastructure Security Agency (CISA), U.S. Senator J.D. Vance warned of the threat posed by China-backed Volt Typhoon hackers. He warned that a comprehensive Volt Typhoon assault on the country’s critical infrastructure could have devastating consequences, potentially plunging the nation into chaos, especially if it coincided with military threats from foreign adversaries.

Known for targeting critical infrastructure installations, the Volt Typhoon hacker group poses a significant cyber threat. Their tactics involve infiltrating networks to disrupt operations and compromise sensitive information. Volt Typhoon’s activities have raised concerns due to their potential impact on essential services like energy, transportation, and water systems. The group’s sophisticated techniques and persistent attacks have garnered attention from cybersecurity agencies and government entities. 

Additionally, their ability to evade detection and cause widespread disruptions underscores the urgent need for robust cybersecurity measures and proactive defense strategies to safeguard critical infrastructure from such malicious hackers.

Senator Vance, a Republican from Ohio, wrote in his letter to CISA director Jen Easterly that the U.S. critical infrastructure ‘appears to be under attack from the PRC state-sponsored hacker group known as Volt Typhoon.’ He also pointed out that the ‘consequences of a Volt Typhoon attack would presumably include a threat to the U.S. military by disrupting power and water to our military facilities and critical supply chains.’

The hacking group, Volt Typhoon, has compromised hundreds of thousands of devices, and experts believe it has targeted critical American infrastructure to exploit future instances of increased geopolitical tensions. Such a scenario would be devastating to American infrastructure, the energy grid, military facilities, and supply chains.

Vance mentioned in his letter that following Secretary of State Antony Blinken’s April visit to China, Ambassador Nathaniel C. Fick stated that Secretary Blinken was ‘very clear that holding American critical infrastructure at risk — especially civilian critical infrastructure — is dangerous. It’s escalatory. It’s unacceptable.’

Ambassador Fick added that the U.S. delegation spoke with the Chinese officials ‘about Volt Typhoon directly.’

According to press reports, President Joe Biden also addressed Volt Typhoon in meetings with Chinese President Xi Jinping.

Senator Vance has requested responses from Easterly by May 24 to gain insight into the risk posed by the Volt Typhoon attacks. The questions seek clarity on how Volt Typhoon infiltrated U.S. critical infrastructure, the rationale behind CISA’s public warning earlier this year, and the extent of the impact on entities in key sectors like communications, energy, transportation systems, and water and wastewater systems. Additionally, Vance inquired about the involvement of other critical infrastructure sectors, the outreach efforts conducted by CISA with sector risk management agencies, and the specific agencies engaged in addressing the Volt Typhoon threat.

Furthermore, Senator Vance inquired about the awareness of Volt Typhoon among Information Sharing and Analysis Centers (ISACs). He also requested information on the number of individual network devices in the U.S. affected or at risk due to Volt Typhoon, and the mitigation strategies identified or implemented by CISA and sector risk management agencies against this threat. Additionally, he sought details on the volume of calls received by CISA’s 24/7 Operations Center concerning Volt Typhoon since January 1, 2023.

In March, transnational security agencies collaborated once more to issue a fact sheet alerting critical infrastructure leaders to the imminent threat posed by Volt Typhoon. They also provided guidance to help prioritize the protection of critical infrastructure and functions. The authoring agencies urge leaders to recognize cyber risk as a core business risk. This recognition is both necessary for good governance and fundamental to national security.
