What is Volt Typhoon, and Should You Be Concerned?

MacguyverTech
Jun 7, 2023

Last week, Volt Typhoon targeted critical infrastructure groups in the US. Somehow, this has absolutely nothing to do with professional wrestling; “Volt Typhoon” sounds like a WWE wrestling heel plotting the demise of a fan favorite. So, what is Volt Typhoon, and should you be concerned?

Volt Typhoon is a state-sponsored hacking group backed by China; it's been active since at least mid-2021. The group has targeted infrastructure sites in the United States, including the communications, manufacturing, utility, transportation, maritime, and government sectors. While most cyberattacks focus on crippling systems, stealing data and wreaking havoc, these attacks are different; Volt Typhoon is trying to stay as quiet as possible.

“What’s different about these attacks is that the hackers are living off the land and trying to stay stealthy,” says MacguyverTech CEO Steve (Mac) McKeon. “They use basic command functions to steal passwords, then use the credentials to access more sensitive information. They’re not trying to cause problems…yet. They’re just collecting data and trying to stay quiet. That’s what makes this so dangerous.”

Volt Typhoon also uses a variety of techniques to infiltrate networks, including spear phishing (a specifically targeted phishing attack on an individual, crafted by examining their browsing history), watering hole attacks, zero-day attacks, and exploitation of software vulnerabilities. Once inside a network, Volt Typhoon can steal sensitive data, install malware, and disrupt operations.

“This sort of attack reminds people to stay on their toes,” says McKeon. “The key isn’t to just have one form of cybersecurity for this. You need to have a layered security strategy, educate your employees and protect your passwords. Also, make sure you have a plan in place detailing what everyone should do in the event of a cyberattack…because they’re coming more and more often.”

While all information points to Volt Typhoon being a state-sponsored group, the People’s Republic of China has denied any wrongdoing. Of course, that’s exactly what a good wrestling heel should do.
