The U.S. Cybersecurity and Infrastructure Security Agency and other federal agencies recently issued a fact sheet that provides an overview for executive leaders on the urgent risk posed by People’s Republic of China state-sponsored cyber actors known as “Volt Typhoon.”
CISA, along with the National Security Agency, the Federal Bureau of Investigation and other U.S. government and international partners, released a major advisory on Feb. 7, 2024, in which the U.S. authoring agencies warned cybersecurity defenders that Volt Typhoon has been pre-positioning themselves on U.S. critical infrastructure organizations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies.
“This is a critical business risk for every organization in the United States and allied countries,” the fact sheet said.
The advisory provides detailed information related to the groups’ activity and describes how the group has successfully compromised U.S. organizations, especially in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors.
Critical infrastructure owners and operators are being urged to review the advisory for defensive actions against this threat and its potential impacts to national security.
CISA and partners released the fact sheet to provide leaders of critical infrastructure entities with guidance to help prioritize the protection of critical infrastructure and functions.
“The authoring agencies urge leaders to recognize cyber risk as a core business risk. This recognition is both necessary for good governance and fundamental to national security.”
