The Volt Typhoon saga continues. As a reminder, Volt Typhoon is a China-based hacking group accused of targeting critical infrastructure, which we covered in our last industry brief. But since then, the concern around their ability to establish base camps in IT networks in order to gain eventual access to OT networks has only grown. Here’s the latest.
A New Warning is Issued
The CISA, NSA, FBI, and several other agencies in the U.S. have joined cybersecurity agencies from Australia, Canada, the United Kingdom, and New Zealand to alert critical infrastructure leaders of the threat that Volt Typhoon poses, particularly to OT systems. This doubles down on the warning that they issued last month in which they emphasized the Chinese hackers’ successful breach of critical infrastructure in the U.S., which lasted years in some cases. Worried that Volt Typhoon may be interested in taking advantage of vulnerabilities, especially during times of geopolitical tensions, the agencies have urged operators to “empower their cybersecurity teams to make informed resourcing decisions, secure their supply chain, and ensure that performance management outcomes align with their organization’s cyber goals,” according to Sergiu Gatlan at Bleeping Computer.
While a warning for all critical infrastructure, a particular spotlight has been put on water and wastewater systems, which already suffer from resource shortages. The Biden administration is continuing to advise states to be vigilant for cyberattacks against these systems, specifically with the threat of Volt Typhoon rising. In a recent letter, Environmental Protection Agency Administrator Michael Regan and National Security Advisor Jake Sullivan noted that Volt Typhoon has already compromised information technology connected to drinking water facilities.
Cybersecurity Concern Rises
In addition to causing major disruption to essential networks, experts are increasingly concerned that China will be able to steal intellectual property through such cyberattacks. During the Billington State and Local Cybersecurity Summit in Washington, D.C., industry speakers discussed China’s use of AI in espionage efforts. To protect from this risk, the CISA has promoted the benefits of “tabletop exercise,” or the process of simulating such attacks in order to develop proper response strategies and techniques.
Despite the push for such preventative measures, the cybersecurity concerns are obviously at an all-time high. This isn’t just the case for people in the field. A new study shows that the general public is also as worried about the impacts of cyberattacks. MITRE and The Harris Poll found that, “81% of US residents are worried about how secure critical infrastructure may be.” While 78% of respondents believe the responsibility for addressing this problem lies on the federal government, 49% said the responsibility falls on both public and private organizations. Regardless of where the responsibility should be placed, the fact remains that cybersecurity will continue to be a priority, with OT taking a more prominent position – an area that DYNICS knows well. It is essential that facilities downsize the attack surface of their OT networks by denying by default and limiting traffic only to what is required for the operation of the plant. Be sure to explore our products designed specifically to shield OT systems.
Sources:
- “CISA shares critical infrastructure defense tips against Chinese hackers” – Sergiu Gatlan, Bleeping Computer
https://www.bleepingcomputer.com/news/security/cisa-shares-critical-infrastructure-defense-tips-against-chinese-hackers/ - “‘We know they’re on the network,’ CISA official says of nation-state actors infiltrating U.S. critical infrastructure” – Sophia Fox-Sowell, Statescoop
https://statescoop.com/nation-state-actors-us-critical-infrastructure-cisa-2024/ - “US Warns of Cyberattacks Against Water Systems Throughout Nation” – Ari Natter, Bloomberg
https://www.yahoo.com/news/us-warns-cyberattacks-against-water-181349931.html?guccounter=1 - “Public anxiety mounts over critical infrastructure resilience to cyber attacks” – Help Net Security
https://www.helpnetsecurity.com/2024/03/18/critical-infrastructure-cyberattacks-risk/
