Washington, February 8: China-sponsored cyber actors have accessed IT networks for destructive cyber attacks against US critical infrastructure in the event of a major crisis or conflict with the country, a coalition of top intelligence agencies haswarned.
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) said that People’s Republic of China (PRC)-backed hackers are seeking to pre-position themselves on IT networks for disruptive or destructive cyber attacks as they have gained access for “at least five years”. Google Says Government Hackers Last Year Used Three Undiscovered Flaws in Apple’s iPhone OS To Target Users With Spyware Created by European Startup.
Volt Typhoon, a state-sponsored group of hackers based in China, has compromised the IT environments of multiple critical infrastructure organisations -- primarily in communications, energy, transportation systems and water and wastewater systems sectors -- in the US and its territories, the agencies said in a joint statement late on Wednesday.
The US agencies are concerned about the potential for these actors to use their network access for disruptive effects in the event of potential geopolitical tensions and/or military conflicts. “Volt Typhoon’s choice of targets and pattern of behaviour is not consistent with traditional cyber espionage or intelligence gathering operations,” warned US agencies.
The agencies urge critical infrastructure organisations to apply the mitigations and to hunt for similar malicious activity. "If an activity is identified, the authoring agencies strongly recommend that critical infrastructure organisations apply the incident response recommendations in the advisory and report the incident to the relevant agency,” said the agencies. Microsoft Will Help India Become Self-Reliant by Fostering Skilled AI Workforce and Empowering Every Sector and Industry To Transform With Artificial Intelligence: CEO Satya Nadella.
Last week, the FBI and US Department of Justice announced they had disrupted the “KV Botnet” run by Volt Typhoon that had compromised US-based routers for small businesses and home offices. Volt Typhoon has been exploiting vulnerabilities in routers, firewalls and VPNs to gain initial access to critical infrastructure.
(The above story first appeared on LatestLY on Feb 08, 2024 11:29 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).