chinese hacking us infrastructure: Chinese hacking campaign aiming critical infrastructure goes back five years: US

The US National Security Agency, US cyber watchdog CISA, the FBI, and the Transportation Security Administration said that the group known as “Volt Typhoon” had quietly burrowed into the networks of aviation, rail, mass transit, highway, maritime, pipeline, water and sewage organisations.

None of the organizations were identified by name, but the statement said that American intelligence officials have observed the hackers “maintaining access and footholds within some victim IT environments for at least five years.”

The statement, which was co-signed by Britain, Australia, Canada and New Zealand’s respective cybersecurity agencies, is the latest in a series of warnings from US officials about Volt Typhoon, a group that has drawn particular alarm because it appears geared toward sabotage rather than espionage.

The widespread nature of the hacks has led to a series of meetings between the White House and private technology industry, including several telecommunications and cloud commuting companies, in which the US government asked for assistance in tracking the activity.

Last week, Reuters reported that the US government had launched an operation to fight Volt Typhoon by remotely disabling aspects of its operation.

Discover the stories of your interest

“We are extraordinarily concerned about malicious cyber activity from the PRC state sponsored actor that industry calls Volt Typhoon,” senior CISA official Eric Goldstein, referring to the People’s Republic of China, told Reuters ahead of the statement’s release. “Most of the victims we have identified have no legitimate espionage value.” News of the joint statement was first reported by CNN.

The US National Security Agency, US cyber watchdog CISA, the FBI, and the Transportation Security Administration said that the group known as “Volt Typhoon” had quietly burrowed into the networks of aviation, rail, mass transit, highway, maritime, pipeline, water and sewage organisations.

None of the organizations were identified by name, but the statement said that American intelligence officials have observed the hackers “maintaining access and footholds within some victim IT environments for at least five years.”

The statement, which was co-signed by Britain, Australia, Canada and New Zealand’s respective cybersecurity agencies, is the latest in a series of warnings from US officials about Volt Typhoon, a group that has drawn particular alarm because it appears geared toward sabotage rather than espionage.

The widespread nature of the hacks has led to a series of meetings between the White House and private technology industry, including several telecommunications and cloud commuting companies, in which the US government asked for assistance in tracking the activity.

Last week, Reuters reported that the US government had launched an operation to fight Volt Typhoon by remotely disabling aspects of its operation.

Discover the stories of your interest

“We are extraordinarily concerned about malicious cyber activity from the PRC state sponsored actor that industry calls Volt Typhoon,” senior CISA official Eric Goldstein, referring to the People’s Republic of China, told Reuters ahead of the statement’s release. “Most of the victims we have identified have no legitimate espionage value.” News of the joint statement was first reported by CNN.