Feds Confirm Remote Killing of Volt Typhoon's SOHO Botnet
The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.
Critical infrastructure depends on interconnected operational systems, where cyber incidents can disrupt essential services, safety, and availability.
Search across headline titles and summaries.
Background for this topic.
Critical infrastructure includes systems and assets vital for public health, safety, and economic stability, such as power grids, water treatment, transportation networks, and healthcare facilities. These systems often combine physical components with industrial control systems (ICS) and operational technology (OT) that manage essential services in real time.
From an information-security perspective, critical infrastructure faces risks like unauthorized access to control systems, disruption of service availability, and manipulation of sensor data. Defending these assets requires specialized security measures tailored to ICS environments, including network segmentation, strict access controls, and continuous monitoring for anomalies. Ensuring resilience also involves coordinated efforts between operators and government agencies to address vulnerabilities unique to legacy systems and proprietary protocols.
The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.
The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell.
Threat actors linked to the People's Republic of China, such as Volt Typhoon, continue to "pre-position" themselves in the critical infrastructure of the United States, according to military and law enforcement officials.
It is imperative that healthcare and health-tech companies move beyond reactive measures and adopt a proactive stance in safeguarding sensitive patient information.
Cybersecurity Maturity Model Certification (CMMC) and a harden, detect, and respond mindset are key to protecting defense and critical infrastructure companies.
The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.
As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated.