In the evolving cyberwar, China aims to take down our critical infrastructure


In the shadowy realm of cyber warfare, a formidable force has emerged out of China: an advanced persistent threat (APT) group known as Volt Typhoon. The group’s recent activities represent a concerning strategic shift from conventional espionage to preparing for disruption in the event of significant conflict or crisis.

When examining the nature of their attacks on U.S. soil and territories, the targeted verticals reveal a deliberate undermining of critical lifelines and infrastructure: communications, manufacturing, utilities, and transportation, just for starters. So advanced are Volt Typhoon’s tactics, techniques, and procedures (TTPs) that they have repeatedly breached defenses with startling ingenuity over the past five years.

The narrative becomes more chilling when we investigate past events. The 2003 Northeast blackout, previously explained by authorities as a cascade of “technical failures,” may harbor a more sinister subplot: a Chinese-deployed cyber worm, known as “Welchia,” potentially exacerbated or synchronized with the grid’s turmoil. My team’s discovery of this network threat in the early 2000s paints a portrait of a long-engaged Chinese cyber adversary…
