Today, CISA, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other U.S. and international partners are issuing a joint fact sheet, People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders. Partners of this publication include:Â

U.S. Department of Energy (DOE)Â

U.S. Environmental Protection Agency (EPA)Â

U.S. Transportation Security Administration (TSA)Â

U.S. Department of Treasury Â

Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)Â

Canadian Centre for Cyber Security (CCCS) a part of the Communications Security Establishment (CSE)Â

United Kingdom’s National Cyber Security Centre (NCSC-UK)Â

New Zealand’s National Cyber Security Centre (NCSC-NZ)Â

The U.S. authoring agencies assess that the PRC-sponsored advanced persistent threat group known as “Volt Typhoon” are seeking to pre-position themselves—using living off the land (LOTL) techniques—on IT networks for disruptive or destructive cyber activity against U.S. critical infrastructure in the event of a major crisis or conflict with the United States. The fact sheet warns critical infrastructure leaders of the urgent risk posed by Volt Typhoon and provides guidance on specific actions to prioritize the protection of their organization from this threat activity. Â

CISA and its partners strongly urge critical infrastructure organizations leaders to read the guidance provided in the joint fact sheet to defend against this threat. For more information on Volt Typhoon related activity, see PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and Mitigating Living off the Land Techniques. To learn more about secure by design principles and practices, visit Secure by Design

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Biden executive order seeks to cut China off from Americans’ sensitive data

February 28, 2024 0 Comments 0 tags

President Joe Biden will issue an executive order Wednesday that will bar companies and individuals in the United States from selling certain types of large sensitive datasets to six countries:

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

February 20, 2024 0 Comments 0 tags

U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120

Fifth of British Kids Have Broken the Law Online

February 19, 2024 0 Comments 0 tags

A new National Crime Agency study reveals 20% of 10- to 16-year-olds have violated the Computer Misuse Act