Monday, May 27, 2024

CISA Warns Critical Infrastructure Leaders of Volt Typhoon

Must read

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning yesterday to leaders of critical infrastructure organizations regarding the imminent threat posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.”

In collaboration with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners, CISA released a significant advisory on February 7 2024. 

The advisory confirmed that Volt Typhoon has been actively infiltrating networks of US critical infrastructure organizations. This infiltration is seen as a strategic move to potentially disrupt or destroy critical services in the event of escalating geopolitical tensions or military conflicts involving the United States and its allies.

According to the advisory, Volt Typhoon has successfully compromised organizations across various sectors, including communications, energy, transportation systems and water and wastewater systems.

Read more on this threat: US Thwarts Volt Typhoon Cyber-Espionage Campaign Through Router Disruption

This infiltration represents a significant business risk not only for organizations in the United States but also for allied countries. In response to this imminent threat, CISA, along with its partners, released a fact sheet on Tuesday aimed at providing executive leaders of critical infrastructure entities with guidance on prioritizing the protection of critical infrastructure and functions.

The fact sheet emphasizes the importance of recognizing cyber-risk as a core business risk, essential for both good governance and national security. It urges leaders to empower cybersecurity teams to make informed resourcing decisions and to implement proactive measures to detect and defend against Volt Typhoon and other malicious cyber activities. 

Additionally, leaders are encouraged to secure their supply chains, drive a cybersecurity culture within their organizations and ensure robust incident response plans are in place.

“All employees need more training and yet most companies only do cybersecurity training once a year,” commented Roger Grimes, data-driven defense evangelist at KnowBe4.

“It is this fundamental gap between how we are so often successfully attacked and the resources (i.e. training) used to prevent the attack that allows hackers and their malware programs to be so successful for so long.”

Latest article