Government cybersecurity authorities in the United States and allied countries have issued a fresh warning about the Chinese-linked hacking group known as Volt Typhoon.
In a joint advisory released Tuesday, the US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and eight international partners cautioned that Volt Typhoon—believed to have ties to Beijing—may be preparing for disruptive or destructive cyberattacks against critical infrastructure organisations.
“Volt Typhoon has been pre-positioning themselves on US critical infrastructure organisations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies,” the advisory states.
The agencies emphasise that this activity represents a serious business risk for organisations across the United States and allied nations.
This alert follows a prior disclosure, issued just over a month earlier by the same coalition, that Volt Typhoon had compromised networks belonging to multiple critical infrastructure victims in the US.
To reduce exposure, the advisory recommends that organisations prioritise security improvements aligned with established frameworks such as the Cybersecurity Performance Goals and coordinate with their designated Sector Risk Management Agencies. It also stresses the importance of comprehensive logging and monitoring to detect “living off the land” tactics—where attackers use legitimate tools and software to remain hidden within targeted environments.
Other recommended measures include developing and regularly testing incident-response plans, running cybersecurity exercises, and strengthening supply-chain security to limit opportunities for intrusion and escalation. These steps are presented as critical to identifying early signs of compromise and limiting potential damage from Volt Typhoon or similar threat actors.
The repeated warnings highlight authorities’ concern about Volt Typhoon’s capabilities and suspected intent to carry out destructive operations against critical infrastructure providers, particularly amid heightened geopolitical tensions.
(Photo by Thomas Kelley)
See also: Nations demand tech firms tackle scammers
Unified Communications is a two-day event held in California, London, and Amsterdam that explores the future of workplace collaboration in an increasingly digital world. The event runs alongside several related conferences covering digital transformation, IoT, edge computing, intelligent automation, AI and big data, and cybersecurity and cloud technologies.
Find additional upcoming enterprise technology events and webinars powered by TechForge through its events listings.