Trends
China-backed hackers hid inside US critical infrastructure for ‘at least five years’

Headline
According to a report released by Microsoft in May 2023, Volt Typhoon has been targeting and damaging critical infrastructure in the U.S. since at least mid-2021. A coalition of US intelligence agencies said on February 7 that Chinese-backed hackers had access…
Context
According to a report released by Microsoft in May 2023, Volt Typhoon has been targeting and damaging critical infrastructure in the U.S. since at least mid-2021. A coalition of US intelligence agencies said on February 7 that Chinese-backed hackers had access to critical US infrastructure for “at least five years” with the long-term goal of launching “damaging” cyber attacks.
Evidence
Pending intelligence enrichment.
Analysis
The NSA, CISA and FBI said in a joint report released on Wednesday that Volt Typhoon is a hacking group funded by the Chinese government that has been breaking into the networks of aviation, rail, public transportation, highway, maritime, pipeline, water and sewage organizations, none of which were named. The goal is to prepare for a devastating cyberattack.
The agencies say this marks a “strategic shift” from traditional cyber espionage or intelligence gathering by China-backed hackers, who are instead preparing to disrupt combat techniques in the event of a major conflict or crisis.
The report, co-signed by cybersecurity agencies in Britain, Australia, Canada and New Zealand, comes a week after FBI Director Christopher Wray issued a similar warning. Speaking at a U.S. House of Representatives committee hearing on the cyber threat posed by China, Wray called Volt Typhoon “the defining threat to our generation” and said the group’s goal was to “disrupt our military’s ability to mobilize” in the early stages of an expected conflict over Taiwan.
Key Points
- China-backed hackers have had access to critical U.S. infrastructure for “at least five years,” with the long-term goal of launching “destructive” cyberattacks.
- The agencies say this marks a “strategic shift” in Chinese-sponsored hacking or intelligence gathering, as the hackers prepare to disrupt combat technology in the event of a major conflict or crisis.
- Volt Typhoon has been exploiting vulnerabilities in routers, firewalls and VPNs to gain initial access to critical infrastructure across the country and, in some cases, the ability to tap into critical infrastructure’s camera surveillance systems.
Actions
Pending intelligence enrichment.





