Subj : NSA says Volt Typhoon was
To   : All
From : Mike Powell
Date : Thu Jul 17 2025 09:09 am

NSA says Volt Typhoon was not successful at persisting in critical
infrastructure

Date:
Wed, 16 Jul 2025 15:44:00 +0000

Description:
The Chinese threat actor wanted to lurk in the shadows but was effectively
ousted, NSA and FBI claim.

FULL STORY

Volt Typhoon, a Chinese state-sponsored threat actor which targeted critical
US infrastructure, failed to achieve its main objective - to maintain
long-term, invisible persistence on key targets.

This is according to senior cybersecurity officials from the National
Security Agency (NSA) and the Federal Bureau of Investigation (FBI).

Speaking at the recent International Conference on Cyber Security at Fordham
University in New York City, the agents discussed the Typhoon campaign as a
whole, and confirmed that it was laying groundwork for a potential escalation
of conflict over Taiwan.

No persistence maintained

The good news is, they really failed. They wanted to persist in domestic
networks very quietly for a very long time so that if and when they needed to
disrupt those networks, they could. They were not successful in that
campaign, said Kristina Walter, director of the NSAs Cybersecurity
Collaboration Center.

We, with private sector, with FBI, found them, understood how they were using
the operating systems, how they're using legitimate credentials to maintain
persistence, and frankly, we equipped the entire private sector and U.S.
government to hunt for them and detect them.

Being able to breach security systems and access critical infrastructure
should be cause for concern in its own right, though.

In mid-March 2025, it was reported Volt Typhoon had access to Massachusetts
Littleton Electric Light and Water Departments (LELWD)s operational
technology (OT) network for ten months in 2023. The intrusion lasted from
February to November 2023.

Before that, in January 2025, Volt Typhoon was allegedly targeting the
critical infrastructure of small island nation Guam, looking to disrupt and
sabotage services in the region, reportedly targeting the GPA (Guam Power
Authority) to wreak havoc on the island, which is home to a large US military
base.

Via The Record

======================================================================
Link to news story:
https://www.techradar.com/pro/security/nsa-says-volt-typhoon-was-not-successfu
l-at-persisting-in-critical-infrastructure

$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.