Volt Typhoon threat group had access to American utility networks for the best part of a year

LovabledanielsMarch 14, 202558 Views

Latest Volt Typhoon attack discovery raises concerns about OT security culture
Artificial intelligence’s role in attacks continues to worry cybersecurity leaders
Vulnerable OT servers leave SMBs and enterprises open to ransomware attacks and IP theft

Volt Typhoon, a threat group with links to China, had access to Massachusetts’ Littleton Electric Light and Water Departments (LELWD)’s operational technology (OT) network for ten months in 2023.

The intrusion lasted from February to November 2023, yet security researchers at Dragos, who discovered it, moved quickly once it was known; identifying the group’s activities on the server and containing the threat without customer data being compromised.

Data on OT networks, especially where Critical National Infrastructure (CNI) is concerned, is important to lock down. Infosecurity reported on Donovan Tindill, DeNexus’ OT cybersecurity director, explaining that exposed small business servers of this kind allow for the theft of intellectual property, the mapping of utility grid structures, and for data to be leveraged in ransomware attacks.

Staying on top of OT cybersecurity

Experts have been weighing in on the implications of the attack. Tim Mackey, Black Duck’s software supply chain risk strategy head, said that “one of the biggest challenges with cybersecurity in critical infrastructure is the long lifespan of the devices. Something that was designed and tested to the best practices available when it was released can easily become vulnerable to attacks using more sophisticated attacks later in its lifecycle.”

Nathaniel Jones, Darktrace’s VP of threat research, went on to add that the impact of AI tools in attacks on CNI was a “continued and growing concern” for those defending OT networks.

Agnidipta Sarkar, ColorTokens’ VP of CISO advisory, warned attacks were on the rise, but also being dealt with in the wrong way by OT defenders and leaders. “Unfortunately,” they said, “cyber OT leadership is focusing on stopping attacks instead of stopping the proliferation of attacks.”

In case you missed it, TechRadar Pro reported that the complexity of IT systems could be increasing security risks for businesses, and a recent report from Adaptavist revealed that 40% of IT leaders are scared to admit mistakes due to a workplace culture of fear.

Via InfoSecurity

Weekly update

Mercedes-AMG just teased its 1,000bhp Porsche Taycan Turbo GT rival – and it’ll need to dip deep into its performance past to beat it

OpenAI and Microsoft in talks to revise terms and renew partnership, FT reports

Scientists hail new ‘industrially viable technology’ that can squeeze hydrogen from seawater

Weekly Newsletter

Volt Typhoon threat group had access to American utility networks for the best part of a year

Leave a comment

Leave a Reply Cancel reply

Explore more

OpenAI and Microsoft in talks to revise terms and renew partnership, FT reports

Scientists hail new ‘industrially viable technology’ that can squeeze hydrogen from seawater

Ivory Coast opposition leader resigns but vows to still fight for victory | Elections News

Boosie Gets Emotional After Receiving Two Honorary Doctorates

Researchers unveil rapid self-healing electronic skin, paving the way for smarter, tougher wearables

Google Messages is getting another wave of updates – here are 7 you can expect to see soon

FTC and DOJ push for data protection in Google antitrust case

Can an online retailer successfully break into the high fashion market?

Get to Know Us

Let's keep in touch