Volt Typhoon threat group had access to American utility networks for the best part of a year

China
(Image credit: Shutterstock)

  • Latest Volt Typhoon attack discovery raises concerns about OT security culture
  • Artificial intelligence’s role in attacks continues to worry cybersecurity leaders
  • Vulnerable OT servers leave SMBs and enterprises open to ransomware attacks and IP theft

Volt Typhoon, a threat group with links to China, had access to Massachusetts’ Littleton Electric Light and Water Departments (LELWD)’s operational technology (OT) network for ten months in 2023.

The intrusion lasted from February to November 2023, yet security researchers at Dragos, who discovered it, moved quickly once it was known; identifying the group’s activities on the server and containing the threat without customer data being compromised.

Data on OT networks, especially where Critical National Infrastructure (CNI) is concerned, is important to lock down. Infosecurity reported on Donovan Tindill, DeNexus’ OT cybersecurity director, explaining that exposed small business servers of this kind allow for the theft of intellectual property, the mapping of utility grid structures, and for data to be leveraged in ransomware attacks.

Staying on top of OT cybersecurity

Experts have been weighing in on the implications of the attack. Tim Mackey, Black Duck’s software supply chain risk strategy head, said that “one of the biggest challenges with cybersecurity in critical infrastructure is the long lifespan of the devices. Something that was designed and tested to the best practices available when it was released can easily become vulnerable to attacks using more sophisticated attacks later in its lifecycle.”

Nathaniel Jones, Darktrace’s VP of threat research, went on to add that the impact of AI tools in attacks on CNI was a “continued and growing concern” for those defending OT networks.

Agnidipta Sarkar, ColorTokens’ VP of CISO advisory, warned attacks were on the rise, but also being dealt with in the wrong way by OT defenders and leaders. “Unfortunately,” they said, “cyber OT leadership is focusing on stopping attacks instead of stopping the proliferation of attacks.”

In case you missed it, TechRadar Pro reported that the complexity of IT systems could be increasing security risks for businesses, and a recent report from Adaptavist revealed that 40% of IT leaders are scared to admit mistakes due to a workplace culture of fear.

Via InfoSecurity

You might also like

Luke Hughes
Staff Writer

 Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Fortifying the UK’s energy sector: The cybersecurity imperative in an AI-driven future
Representational image of a hacker
The 10 worst software disasters of 2024: cyberattacks, malicious AI, and silent threats
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Sounding the alarm on AI-powered cybersecurity threats in 2025
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
China US flags cropped
Guam's critical infrastructure is under attack - and Volt Typhoon is the top suspect
Latest in Security
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Code Skull
US government warns Medusa ransomware has hit hundreds of critical infrastructure targets
An American flag flying outside the US Capitol building against a blue sky
The FCC is creating a security council to bolster US defenses against cyberattacks
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Latest in News
Jason Sudeikis' Ted Lasso pointing at someone in Ted Lasso season 2
Believe it, baby: Ted Lasso season 4 is officially in development for Apple TV+ – and Jason Sudeikis will reprise his role as the titular soccer coach
Rainbow Six Siege X promotional art.
The Tom Clancy's Rainbow Six Siege X 6v6 mode might finally pull me away from Black Ops 6
A close up of the new web version of Apple Music Classical
Apple Music Classical is now available on the web, but its Mac app is still nowhere in sight
Silent Hill f
Silent Hill f will present players with 'a beautiful yet terrifying choice', and I can't wait to see what it is
Google Chromecast 2
Google is finally rolling out a fix for broken Chromecasts – just as new bugs appear on the Chromecast with Google TV
Garmin Instinct 3 in Neotropic Green
"I'm an idiot": Garmin user reveals how fixing one setting completely changed their training after months of making no progress