The United States, in collaboration with international partners, has issued a cybersecurity advisory concerning the People's Republic of China (PRC). The advisory pertains to state-sponsored hacking attempts on U.S. Critical Infrastructure and offers insight into China's efforts to mask its cyber activities while promoting the reporting of suspected incidents.
In a press release by the Cybersecurity & Infrastructure Security Agency (CISA), it was confirmed that a Chinese-sponsored cyber actor known as Volt Typhoon has breached data across various critical infrastructure sectors. These sectors encompass communications, energy, transportation, and infrastructure. CISA posits that the PRC is strategically positioning itself to initiate a series of damaging cyber-attacks that could potentially hinder the military's response to significant crises or conflicts that may confront the United States.
According to the same press release, CISA has disseminated a joint guidance report designed to assist organizations in identifying and reporting diverse types of cyberattack techniques that PRC actors might employ. It was noted that there has been a strategic shift in PRC cyber attacks against U.S. critical infrastructure in recent years.
"CISA teams have found and eradicated Volt Typhoon intrusions into critical infrastructure across multiple sectors," said CISA Director Jen Easterly. "And what we’ve found to date is likely the tip of the iceberg." Easterly emphasized that "today’s joint advisory and guide are the result of effective, persistent operational collaboration with our industry, federal, and international partners." She further stressed their continued commitment to providing timely, actionable guidance to all stakeholders at this critical juncture for national security. She urged all critical infrastructure organizations to review and implement actions recommended in these advisories and report any suspected Volt Typhoon or 'living off the land' activity to either CISA or FBI.
