CISA Warns Critical Infrastructure Leaders of Volt Typhoon

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning yesterday to leaders of critical infrastructure organizations regarding the imminent threat posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.”

In collaboration with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners, CISA released a significant advisory on February 7 2024. 

The advisory confirmed that Volt Typhoon has been actively infiltrating networks of US critical infrastructure organizations. This infiltration is seen as a strategic move to potentially disrupt or destroy critical services in the event of escalating geopolitical tensions or military conflicts involving the United States and its allies.

According to the advisory, Volt Typhoon has successfully compromised organizations across various sectors, including communications, energy, transportation systems and water and wastewater systems.

Read more on this threat: US Thwarts Volt Typhoon Cyber-Espionage Campaign Through Router Disruption

This infiltration represents a significant business risk not only for organizations in the United States but also for allied countries. In response to this imminent threat, CISA, along with its partners, released a fact sheet on Tuesday aimed at providing executive leaders of critical infrastructure entities with guidance on prioritizing the protection of critical infrastructure and functions.

The fact sheet emphasizes the importance of recognizing cyber-risk as a core business risk, essential for both good governance and national security. It urges leaders to empower cybersecurity teams to make informed resourcing decisions and to implement proactive measures to detect and defend against Volt Typhoon and other malicious cyber activities. 

Additionally, leaders are encouraged to secure their supply chains, drive a cybersecurity culture within their organizations and ensure robust incident response plans are in place.

“All employees need more training and yet most companies only do cybersecurity training once a year,” commented Roger Grimes, data-driven defense evangelist at KnowBe4.

“It is this fundamental gap between how we are so often successfully attacked and the resources (i.e. training) used to prevent the attack that allows hackers and their malware programs to be so successful for so long.”

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

US Imposes Visa Restrictions on Alleged Spyware Figures
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe
Over 850 Vulnerable Devices Secured Through CISA Ransomware Program
Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant

Leave a Reply

Your email address will not be published. Required fields are marked *