American and allied intelligence agencies issued a joint statement on Wednesday, revealing the ongoing activity of an advanced group of Chinese hackers targeting critical US infrastructure, according to a report in The Guardian.
Known as Volt Typhoon, this group has been operating for up to five years, infiltrating networks across various sectors, including aviation, rail, mass transit, highway, maritime, pipeline, water, and sewage.
While specific organizations were not named, the statement disclosed that the hackers had maintained access and footholds within some victim IT environments for an extended period.
The statement, signed by the US National Security Agency, US cyber watchdog CISA, the FBI, the Transportation Security Administration, and cybersecurity agencies from Britain, Australia, Canada, and New Zealand, highlights the seriousness of the threat posed by the Volt Typhoon.
Unlike typical espionage-focused cyberattacks, Volt Typhoon’s activities appear geared towards sabotage, raising concerns among officials.
This heightened threat level has prompted discussions between the White House and private technology industry leaders, including telecommunications and cloud computing companies, to seek assistance tracking and mitigating the hackers’ actions.
Eric Goldstein, a senior official at CISA, expressed deep concern about the malicious cyber activity originating from China, emphasizing that most identified victims offer no legitimate espionage value.
The joint statement underscores the urgent need for enhanced cybersecurity measures to defend against such attacks on critical infrastructure.
