Tag: volt typhoon
FBI unplugs Chinese hackers
The US Justice Department and FBI have completed a law enforcement operation to delete Chinese malware from approximately 4,258 U.S.-based computers and networks. The international operation was led by French law enforcement and France-based private cybersecurity company Sekoia.io. According to court documents unsealed in the Eastern District of Pennsylvania, a group of hackers paid by the People’s Republic of China (PRC), known as “Mustang Panda” and “Twill Typhoon,” used a version of PlugX malware to infect, control, and steal information from victim computers. Since at least 2014, Mustang Panda hackers have infiltrated thousands of computer systems in campaigns targeting US victims, European and Asian governments and businesses, and Chinese dissident groups.
China and Iran launch lethal attacks on US infrastructure
The White House has issued an urgent appeal to all US state governors to prepare to cope with their water systems being attacked and taken down by Chinese cyber-attacks. Iran, which has honed its industrial espionage techniques via consistent attacks on Israel’s infrastructure, is also proving effective in taking down water facilities in the US. The letter from the White House contains a stark warning that attacks on US water facilities are no longer a potential threat but an increasingly frequent event with real-world consequences. It was signed by the Assistant to the President for National Security Affairs, Jake Sullivan, and by Environmental Protection Agency Administrator Michael S. Regan.
CISA Warns of “Volt Typhoon” Group Targeting Critical Infrastructure – March 21st
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Chinese-linked "Volt Typhoon" group, which is targeting critical infrastructure. The CISA warning, issued in collaboration with the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), confirmed the recent critical infrastructure attacks initiated by “Volt Typhoon” and the group's tactics and motives.
Critical infrastructure under increased attack
France-based Schneider Electric became the latest utility company to succumb to a ransomware attack on January 17, when some of its business divisions serving several critical industries were taken down. Although access to the system was eventually re-opened on January 31st, the incident underlines the growing seriousness of cyber-attacks aimed at the West’s critical infrastructure. Schnieder Electric has an annual turnover of over 42 billion and employs over 150,000 people. The ransomware attack on Schneider Electric coincides with news that, in the US, the Federal Bureau of Investigation (FBI) has recently neutralized a botnet controlled by a Chinese threat group. The White House had previously authorized the FBI to take down the botnet after federal agencies and private sector researchers had accused cyberespionage gang Volt Typhoon of a major campaign aimed at a wide range of the US’s critical infrastructure.
CISA and EPA Launch Water Sector Cyber Toolkit – February 2nd
CISA and EPA Launch Water Sector Cyber Toolkit Amid the recent string