
ACSC Warns of 'Volt Typhoon' Chinese Cyber Threat Targeting US Infrastructure

The 'Volt Typhoon' actor uses stealthy 'living off the land' tactics to target US critical infrastructure. International organisations must bolster their cybersecurity to protect against this emerging threat.


The Australian Cyber Security Centre (ACSC) has issued a joint advisory with global partners, warning of a new cybersecurity threat named 'Volt Typhoon'. This state-sponsored Chinese actor has been targeting US critical infrastructure, with potential implications for international organisations.

Volt Typhoon uses 'living off the land' tactics, employing built-in Windows tools to blend in with normal system activities. This technique helps the actor avoid detection by endpoint security products and limits logging. Some of the tools used include wmic, ntdsutil, netsh, and PowerShell.

The advisory provides examples of the actor's commands and detection signatures to aid network defenders. However, careful investigation is required as many behavioural indicators can also appear in legitimate system administration. The actor has been active across various US critical infrastructure sectors and could target other sectors worldwide, including private companies, academic institutions, telecommunications, and global supply chains.
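The following sketch shows why the tool name alone is not a verdict. It is an added example, not taken from the ACSC advisory: the event fields, hosts, accounts and the baseline of routine administration are all constructed for illustration.

```python
from collections import Counter
from ntpath import basename  # splits Windows paths correctly on any platform

# Built-in Windows tools named in the article.
LOTL_TOOLS = {"wmic.exe", "ntdsutil.exe", "netsh.exe", "powershell.exe"}

# Constructed baseline: (account, tool) pairs already seen in routine administration.
BASELINE = {
    ("CORP\\svc-patch", "powershell.exe"),
    ("CORP\\netadmin", "netsh.exe"),
}

# Constructed process-creation events (fields loosely modelled on Sysmon Event ID 1).
EVENTS = [
    {"host": "WS-014", "user": "CORP\\svc-patch",
     "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"},
    {"host": "DC-01", "user": "CORP\\netadmin", "image": "C:\\Windows\\System32\\netsh.exe"},
    {"host": "DC-01", "user": "CORP\\jsmith", "image": "C:\\Windows\\System32\\ntdsutil.exe"},
    {"host": "WS-022", "user": "CORP\\jsmith", "image": "C:\\Windows\\System32\\wbem\\WMIC.exe"},
    {"host": "WS-022", "user": "CORP\\jsmith", "image": "C:\\Windows\\System32\\notepad.exe"},
    {"host": "DC-01", "user": "CORP\\jsmith",
     "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"},
]


def triage(events, baseline=BASELINE):
    """Return (verdict, event) pairs for events that launch a tool in LOTL_TOOLS."""
    results = []
    for ev in events:
        tool = basename(ev["image"]).lower()
        if tool not in LOTL_TOOLS:
            continue  # not one of the tools of interest
        # The same binary is "expected" for a known admin pairing, "review" otherwise.
        known = (ev["user"], tool) in baseline
        results.append(("expected" if known else "review", ev))
    return results


def hosts_to_review(events, baseline=BASELINE):
    """Count 'review' events per host so investigation starts where they cluster."""
    return Counter(ev["host"] for verdict, ev in triage(events, baseline)
                   if verdict == "review")


if __name__ == "__main__":
    for verdict, ev in triage(EVENTS):
        print(f"{verdict:8} {ev['host']:7} {ev['user']:16} {basename(ev['image'])}")
    print(hosts_to_review(EVENTS).most_common())
```

A "review" verdict only queues the event for an analyst; it does not establish malicious activity, which is the advisory's point about legitimate administration.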

The ACSC advisory on Volt Typhoon serves as a crucial warning for international organisations to bolster their cybersecurity measures. By being aware of this actor's tactics and having robust detection and investigation processes in place, organisations can better protect their networks from potential threats.
