Significant Volt Typhoon threat requires immediate US critical infrastructure action

U.S. critical infrastructure organizations have been urged by Mandiant Intelligence Chief Analyst John Hultquist to accelerate efforts to discover and mitigate threats by Chinese state-sponsored threat operation Volt Typhoon, which has already targeted telecommunications, logistics, water, and power sector organizations across the U.S. and in Guam, according to SecurityWeek. Such attacks are believed by the National Security Agency to have been conducted to facilitate disruptive intrusions should a wartime scenario arise, said Hultquist at SecurityWeek's 2023 ICS Cybersecurity Conference. "While I don't have the intelligence to confirm that, the deliberate targeting of critical infrastructure makes it a priority for us. This is especially concerning given how hard they're working on their operational security, using botnets and zero-days to stay below the radar," noted Hultquist. Aside from Volt Typhoon, organizations across the U.S. should also be vigilant of potential cyber incidents related to the ongoing situation in the Middle East, with U.S. participation raising the likelihood of Iranian cyberattacks, Hultquist added.