Officials: Volt Typhoon operations mark significant cyber threat landscape shift

Federal officials regard Chinese cyberespionage group Volt Typhoon's infiltration of U.S. critical infrastructure entities as a paradigm shift in how state-sponsored threat actors could facilitate widespread compromise, reports The Record, a news site by cybersecurity firm Recorded Future.

Other nation-state adversaries could follow Volt Typhoon's lead in breaching vulnerable devices before compromising networks, according to officials.

"This threat is not going away. When you look at the lifespan of edge devices and hardware that go out of end-of-life, but still maintain operational functionality in U.S.-based networks… They can compromise hundreds or thousands of U.S.-based devices with a much higher probability of targeting entities," said FBI Cyber Division Deputy Assistant Director Brett Leatherman.

Meanwhile, National Security Agency Cybersecurity Directorate Head Dave Luber noted that Volt Typhoon has been continuously evolving its attack arsenal.

"They're going to continue to develop tradecraft and look for ways to even evade some of the hunt guides that we've put in place," Luber added.
