CyberSecurity news
FlagThis
@www.wsj.com
//
China has reportedly acknowledged its role in cyberattacks against U.S. critical infrastructure, specifically those attributed to the Volt Typhoon campaign. This admission occurred during a secret meeting with U.S. officials in December, according to SecurityWeek. U.S. officials noted that Volt Typhoon's actions, which involved infiltrating various industries' systems through zero-day exploits and other advanced tactics, were an attempt to deter U.S. support for Taiwan. Furthermore, cyberespionage by the Chinese state-backed Salt Typhoon group against U.S. telecommunications firms was also discussed, revealing the compromise of U.S. officials' communications.
These attacks are part of a broader pattern of Chinese state-backed hackers increasing their activity against infrastructure in the U.S., Europe, and the Asia-Pacific region. Recent intelligence indicates groups like Volt Typhoon and Salt Typhoon have infiltrated power grids, telecommunications networks, and transportation systems. Their apparent goal is to preposition for potential wartime disruption or coercive retaliation during periods of geopolitical tension. This approach involves installing dormant "logic bombs" designed to be triggered during a conflict or crisis, maintaining persistent access while minimizing detection risk.
The intensified cyber activities are viewed as a component of China's cyber-enabled irregular warfare strategy. Recent incidents include a power grid failure in Taiwan linked to a Volt Typhoon logic bomb, along with similar occurrences reported in European infrastructure. The attacks' sophistication lies in their "Living Off the Land" techniques, blending state-sponsored hacking with proxy groups and disinformation to achieve strategic objectives without triggering conventional military responses. Such actions, as analyzed by IT security professional Simone Kraus, raise concerns due to their potential for devastating real-world consequences if critical infrastructure is compromised.
References :
These attacks are part of a broader pattern of Chinese state-backed hackers increasing their activity against infrastructure in the U.S., Europe, and the Asia-Pacific region. Recent intelligence indicates groups like Volt Typhoon and Salt Typhoon have infiltrated power grids, telecommunications networks, and transportation systems. Their apparent goal is to preposition for potential wartime disruption or coercive retaliation during periods of geopolitical tension. This approach involves installing dormant "logic bombs" designed to be triggered during a conflict or crisis, maintaining persistent access while minimizing detection risk.
The intensified cyber activities are viewed as a component of China's cyber-enabled irregular warfare strategy. Recent incidents include a power grid failure in Taiwan linked to a Volt Typhoon logic bomb, along with similar occurrences reported in European infrastructure. The attacks' sophistication lies in their "Living Off the Land" techniques, blending state-sponsored hacking with proxy groups and disinformation to achieve strategic objectives without triggering conventional military responses. Such actions, as analyzed by IT security professional Simone Kraus, raise concerns due to their potential for devastating real-world consequences if critical infrastructure is compromised.
Share:
References :
- Sam Bent: In a closed-door Geneva summit, Chinese officials admitted—albeit indirectly—to orchestrating Volt Typhoon cyberattacks on US infrastructure. The move signals escalating covert conflict over Taiwan and exposes the US grid’s vulnerability to prolonged foreign infiltration.
- DataBreaches.Net: Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate.
- www.metacurity.com: China acknowledged US cyberattacks at a secret meeting, report
- WIRED: China Secretly (and Weirdly) Admits It Hacked US Infrastructure
- Risky Business Media: China privately admits to hacking American critical infrastructure, the US Treasury was compromised by password spraying, America will sign a global spyware agreement after all, and a Chinese APT is abusing the Windows Sandbox to hide its malware.
- securityaffairs.com: China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports.
- The Register - Security: China reportedly admitted directing cyberattacks on US infrastructure at a meeting with their American counterparts, according to The Wall Street Journal.…
- Schneier on Security: China Sort of Admits to Being Behind Volt Typhoon
- oodaloop.com: China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report
- www.scworld.com: US critical infrastructure attacks reportedly acknowledged by China
- OODAloop: In a secret meeting that took place late last year between Chinese and American officials, the former confirmed that China had conducted cyberattacks against US infrastructure as part of the campaign known as Volt Typhoon, according to The Wall Street Journal.
- cybersecuritynews.com: Chinese Hackers Attacking Critical Infrastructure to Sabotage Networks
- Metacurity: China acknowledged US cyberattacks at a secret meeting, report
- ciso2ciso.com: China Sort of Admits to Being Behind Volt Typhoon – Source: www.schneier.com
- WIRED: Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows
Classification:
- HashTags: #CyberWarfare #China #CriticalInfrastructure
- Company: China
- Target: United States
- Attacker: Volt Typhoon, Salt Typhoon
- Feature: Critical Infrastructure Attack
- Malware: Volt Typhoon
- Type: Espionage
- Severity: Disaster