Waqas
Cybersecurity firm Dragos has revealed a prolonged cyber attack by the Chinese threat actor Volt Typhoon on the United States electric grid, specifically targeting the Littleton Electric Light and Water Departments (LELWD) in Massachusetts. This breach lasted over 300 days from February to November 2023.
The incident came to light just before Thanksgiving in 2023 when the FBI alerted LELWD to a potential compromise. Subsequent investigations, with assistance from Dragos, revealed that Volt Typhoon had infiltrated the utility’s systems as early as February 2023.
According to Dragos’s report, during this extensive period, the threat actors collected sensitive operational technology (OT) data, including information on energy grid operations, which could facilitate future disruptive attacks on critical infrastructure.
Volt Typhoon’s Modus Operandi
Volt Typhoon, also known as VOLTZITE, is a Chinese state-sponsored advanced persistent threat group active since at least mid-2021. The group focuses on cyber espionage, primarily targeting US critical infrastructure sectors such as telecommunications and energy. They employ sophisticated techniques to maintain persistent, long-term access to networks while evading detection.