Nearly two dozen of 63 Chinese threat operations monitored by CrowdStrike have been actively deploying more sophisticated attacks aimed at high-profile organizations and individuals after initially focusing on "smash-and-grab" intrusions, reports The Register.
CrowdStrike Senior Vice President of Counter Adversary Operations Adam Meyers regarded Chinese state-sponsored threat operation Volt Typhoon, also known as Vanguard Panda, as among the more concerning China-linked threats after it pre-positioned itself in U.S. critical infrastructure networks last year. Volt Typhoon was also unaffected by the dismantling of its KV botnet infrastructure, which was suspected to be managed by another threat group. "They're not going to just leave things to chance. If there's a primary mechanism that they're using, then they want a secondary and a tertiary one," said Meyers. Meanwhile, the U.S.'s efforts to disclose and detail Chinese state-backed attacks against critical infrastructure have been praised by ZeroFox Vice President of Intelligence Adam Darrah. "I do applaud the United States government for being more bold in publicizing these campaigns and saying here's how to prevent this being an issue. It's a way to crowdsource national defense," said Darrah.