An advanced group of Chinese hackers known as Volt Typhoon have targeting critical US infrastructure for around five years
An advanced group of Chinese hackers known as Volt Typhoon have targeting critical US infrastructure for around five years.
The cyber attacks were revealed in a joint statement from American and allied intelligence agencies.
{snip}
Despite the deep concern about malicious cyber activities from Volt Typhoon, Eric Goldstein, a senior official in the Cybersecurity and Infrastructure Security Agency, said: “Most of the victims we have identified have no legitimate espionage value.”
The statement revealing the hacking was co-signed by the US National Security Agency, US cyber watchdog CISA, the FBI and the Transportation Security Administration.
While the targeted organisations were not named, the intelligence officials noted the hackers had maintained access and footholds within some IT environments for an extended period.
The statement, endorsed by cybersecurity agencies from Britain, Australia, Canada, and New Zealand, echoed previous warnings from US officials about Volt Typhoon, which highlighted fears over its apparent focus on sabotage rather than espionage.
{snip}
US government officials have sought assistance from the tech industry in tracking and countering Volt Typhoon’s activities.
The group’s sophisticated botnet that was used to target critical US infrastructure has been dismantled by the FBI.
Volt Typhoon are said to have tried to rebuild it, but were apparently foiled by federal agents this month.
{snip}
The botnet takedown occurred in December, months after concerns about Volt Typhoon’s stealthy attacks against critical infrastructure were first made public.
Researchers at Lumen’s Black Lotus Labs said over the following month they “null-routed” – blocked – connections between compromised routers and Volt Typhoon’s servers, preventing the botnet being re-established.
* Original Article:
https://bangpremier.com/permalink/3009296