CISA, alongside key partners such as the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and various U.S. and international entities, revealed a comprehensive joint fact sheet addressing the pressing issue of sponsored cyber activity by the State of the PRC. also known as the PRC-sponsored Volt Typhoon cyber activity.
This collaborative effort aims to provide critical infrastructure managers with essential information and practical guidance to mitigate the risks associated with this situation. cyber threat.
The information sheet, entitled “PRC State-Sponsored Cyberactivity: Actions for Critical Infrastructure Leaders“, was developed in collaboration with leading organizations including the U.S. Department of Energy (DOE), U.S. Environmental Protection Agency (EPA), U.S. Transportation Security Administration (TSA). United States and the US Department of the Treasury, among others.
PRC State-Sponsored Cyberactivity: Actions for Critical Infrastructure Leaders
According to assessments from participating U.S. author agencies, the PRC-sponsored advanced persistent threat group, known as “Volt Typhoon,” is actively seeking to gain a foothold within computer networks using sophisticated techniques, including above-ground life (LOTL).
This preparation is believed to facilitate disruption or destruction. cyber activities target critical infrastructure in the event of heightened geopolitical tensions or military conflicts involving the United States.
The fact sheet highlights the critical nature of the risk posed by Volt Typhoon and provides specific guidance for critical infrastructure managers to strengthen their organizations’ defenses against this threat.
Calling for a proactive approach, CISA and its partners emphasize the importance of familiarizing yourself with the advice provided to effectively protect yourself against potential risks. cyber intrusions.
Actions to Take Against PRC-Sponsored Cyber Typhoon Volt
In addition to highlighting the imminent dangers posed by cyber activity, the fact sheet outlines concrete steps leaders can take to improve their cybersecurity posture. These actions include making informed resource decisions, empowering cybersecurity teams with relevant training and skills development, and conducting regular simulation exercises to ensure readiness.
Furthermore, the information sheet highlights the importance of ensuring the supply chain, advocating for the adoption of security by design principles and fostering a culture of cybersecurity within organizations. By aligning performance management outcomes with cybersecurity goals and encouraging collaboration across departments, leaders can effectively mitigate cyber risks and build overall resilience.
In the event of an incident or suspected incident, the provides clear guidelines for organizations to follow, including implementing their cyber incident response plans and promptly reporting incidents to the appropriate authorities.
Contact information for reporting incidents is provided to U.S. organizations, ensuring rapid coordination and support from agencies such as CISA and the FBI.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber Express assumes no responsibility for the accuracy or consequences of the use of this information.