US Warns of Permanent Shift in Cyber Threat Landscape
An emerging cyber threat landscape
Over the years, state-sponsored hacking activities have typically focused on strategic and industrial espionage. Whether carried out by official government entities or independent groups backed by national governments, these actors primarily aimed to infiltrate systems to steal valuable data.
This could involve breaching government systems housing sensitive information or extracting corporate trade secrets for economic advantage. While rare instances like the 2014 Sony Pictures breach, attributed to North Korean actors, may have involved direct sabotage, such attacks were not typically aimed at critical infrastructure.
Cyber warfare, exemplified by events like the 2017 Russian attacks on Ukrainian targets (WannaCry, NotPetya), has often been tactical in nature, aiming to disrupt an enemy's war-fighting capabilities.
However, the recent activities of Volt Typhoon, as outlined in a February 2024 cybersecurity advisory from the US Cybersecurity & Infrastructure Security Agency (CISA), mark a significant departure.
This group has targeted and maintained access to critical infrastructure systems that may not hold traditional espionage value but could prove strategically vital in times of heightened conflict.
Strategic placement of resources
The purpose behind this operation is clear: in the face of escalating tensions or potential armed conflict with the United States, the People’s Republic of China is strategically positioning itself to disrupt critical infrastructure and industrial capabilities.
"According to Brandon Wales, Executive Director of CISA, Chinese efforts to compromise critical infrastructure are aimed at disrupting or destroying it during conflict, affecting U.S. power projection into Asia or causing societal chaos."
“That is a significant change from Chinese cyber activity from seven to 10 years ago that was focused primarily on political and economic espionage.” — The Washington Post
A shift for the future of cybersecurity
The Volt Typhoon threat is a significant concern for cybersecurity, and it’s essential to take proactive measures to protect critical infrastructure. Here are some key actions recommended by CISA to mitigate the risk of Volt Typhoon activity:
- Apply Patches: Ensure timely patching for internet-facing systems. Prioritize critical vulnerabilities in appliances that are frequently targeted by Volt Typhoon, including routers, VPNs, and firewalls with known or zero-day vulnerabilities.
- Implement Phishing-Resistant MFA: Use multi-factor authentication (MFA) for all critical systems. Implementing a zero-trust architecture can further reduce the risk of intrusions that use stolen credentials.
- Enable Logging: Turn on application, access, and security logging. Storing logs centrally is crucial for detecting and investigating intrusions promptly.
- Plan for End-of-Life Technology: Track the end-of-life status of devices. Even after reaching end-of-life, edge devices and hardware may continue to operate in US-based systems. Regularly scan these devices for vulnerabilities and address them appropriately.
Hopeful Outlook
Despite the concerning shift in the cybersecurity landscape, recent discussions at the RSA conference and interviews with The Record have shed light on a more optimistic outlook. Marine Corps Maj. Gen. Loran Mahlock emphasized that the adversaries are not invincible giants, and with collaborative efforts and innovative thinking from industry partners, we have the advantage to combat the evolving threats effectively.
Eric Goldstein from CISA highlighted the intention to showcase the progress made in defending against groups like Volt Typhoon. By publicly recognizing the strides made in fortifying critical infrastructure, the government seeks to bolster trust in our cybersecurity resilience.
How We Can Help
Amidst these evolving cyber threats like Volt Typhoon's recent activities, safeguarding critical infrastructure has never been more crucial. Our free security assessment offers a vital first step in understanding and mitigating these risks. Gain clarity and confidence in your organization's security posture with Datalink Networks—empowering informed decisions to protect your future.
Check out our security assessment: your key to understanding your risks