Alleged Chinese cyberattacks target US power and water systems - SiliconANGLE

UPDATED 18:13 EST, DECEMBER 11, 2023

by Duncan Riley

U.S. government officers and cybersecurity experts are warning that the Chinese military is allegedly attempting to infiltrate critical infrastructure, including power and water utilities and transportation systems, in the U.S.

The Washington Post reported, referencing unnamed officials and security experts, that hackers allegedly affiliated with China's People's Liberation Army have burrowed into the computer systems of about two dozen critical entities over the past year. The intrusions are said to be part of broader efforts to develop ways to sow panic, create chaos and snarl logistics in the event that war breaks out between the U.S. and China.

The report claims that victims allegedly targeted by Chinese hackers include a water utility in Hawaii, a major West Coast port and at least one oil and gas pipeline. The hackers are also said to have attempted to hack the operator of the Texas power grid. The alleged victims are not only within the U.S., with several entities outside the U.S. also claimed to have been targeted.

So far, at least, none of the intrusions was found to affect industrial control systems that operate critical functions. However, targeting a utility in Hawaii is notable because it's the home of the U.S. Pacific Fleet. Taking out a utility in the event of war could disrupt efforts to deploy troops and equipment.

The report, while interesting in itself, is arguably an update to previous reports, particularly reports on the alleged China-based state-sponsored hacking group Volt Typhoon, which it also mentions.

Microsoft Corp. researchers warned in May that Volt Typhoon, which has been active since mid-2021, was suspected of preparing to disrupt U.S.-Asia communication networks in potential crises. The sectors the group targets include communications, manufacturing, utilities, transportation, construction, maritime, government, information technology and education.

Volt Typhoon campaigns emphasize stealth, using advanced techniques such as living-off-the-land binaries, or LOLBins, and hands-on-keyboard activity. The group's tactics include gathering credentials, staging data for exfiltration and maintaining persistence in compromised systems using valid credentials.

The National Security Agency also published a Joint Cybersecurity Advisory alongside authorities from Australia, Canada, New Zealand and the U.K., the so-called Five Eyes countries, containing a guide for the tactics, techniques and procedures employed in the allegedly Chinese state-sponsored attacks.

"It is very clear that Chinese attempts to compromise critical infrastructure are in part to pre-position themselves to be able to disrupt or destroy that critical infrastructure in the event of a conflict, to either prevent the United States from being able to project power into Asia or to cause societal chaos inside the United States, to affect our decision-making around a crisis," Brandon Wales, executive director of the Cybersecurity and Infrastructure Security Agency, told the Washington Post. "That is a significant change from Chinese cyber activity from seven to 10 years ago that was focused primarily on political and economic espionage."