The FBI and Cybersecurity and Infrastructure Security Agency confirmed the state-sponsored threat actor Volt Typhoon compromised the IT environments of multiple critical infrastructure providers in the U.S. The group and other China state-linked actors are operating a broad campaign to sow panic and disruption in preparation for a possible military attack in the Asia-Pacific region.
The agencies issued a detailed warning with key international partners, warning the threat group has already embedded itself inside the systems of numerous transportation, energy, communications and water and wastewater providers, using so-called living off the land techniques that are designed to hide malicious activity.