Barrier Networks have warned critical infrastructure organisations to “prioritise their defences” as a result of the US government taking the decision to fight Volt Typhoon.
Volt Typhoon is a Chinese hacking operation that has managed to compromise thousands of internet-connected devices thus far, as per two Western security officials who have their fingers on the pulse of the situation.
Speaking about the news, Ian McGowan, managing director at Barrier Networks, said that critical infrastructure organisations need to be especially careful and believes that the US now share the same concerns of many in regards to Volt Typhoon.
“In the last few months, the Five Eyes countries have warned about Volt Typhoon, with the NCSC recently urging operators of UK CNI to bolster their defences against the operation,” McGowan said. “In this latest update, it’s clear the US has grown increasingly concerned about the threat Volt Typhoon exposes its critical infrastructure to and is working to disband the adversary.
“All countries carry out cyber espionage to monitor threat activity today, but these situations can become particularly volatile when adversaries gain access systems with the aim of stealing information, or disrupting critical services.
“Nation states understand that they can easily cause harm to a country via cyberattacks; there is no longer a need to have a physical presence in a target to cause damage.
“All critical organisations across the world have migrated their operations to digital today, yet this has made them more vulnerable to attack. Gas facilities use automated tools to manage critical processes, while electrical plants rely on automated tools to control the electricity supply into peoples’ home.
“But, if attackers find a way to get access to these systems, they can shut down these key services, causing serious damage to a country and its citizens.
“Critical infrastructure organisations must use this latest news around Volt Typhoon to prioritise their defences against any adversary, regardless of whether they are cybercriminals or state sponsored attackers. The US is not the only target.
“Volt Typhoon utilises live off the land techniques to gain access to systems, so protecting against these weaknesses is a priority. This means patching systems, so they are secured against vulnerabilities, training employees on cyber threats, using MFA to bolster the security of user credentials, and implementing network segmentation to stop attackers spreading.”
