On February 6, 2024, Dutch intelligence agencies MIVD and AIVD reported that Chinese hackers had placed 'Coathanger' malware within an armed forces network used for unclassified research. This incident is part of a wider strategy of 'pre-positioning' by China's cyberattackers, targeting U.S. and allied military networks, including critical infrastructure, to facilitate quick actions in potential conflicts such as one over Taiwan. On February 7, 2024, the UK and allies issued warnings about sophisticated cyber techniques used to camouflage activity on victims' networks. A comprehensive advisory, released on February 8, 2024, by U.S. agencies including CISA, NSA, FBI, and international partners, addresses the threat posed by PRC state-sponsored cyber actors, specifically 'Volt Typhoon', who have compromised and maintained persistent access to U.S. critical infrastructure. The CISA cybersecurity advisory suggests that the current findings are likely just the beginning of uncovering China's cyber threat.
FBI, NSA and CISA officials warn that Volt Typhoon actors are "pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions." https://t.co/MFRrYqyJrw https://t.co/nvOUXzkGrC
China ‘Pre-Positioning’ Malware for Attacks on US Infrastructure During Conflict: CISA https://t.co/2m8u2rJMOV #CCP
Ransomware attacks are on the rise, targeting everyone from businesses to individuals. We must strengthen our cybersecurity systems to protect our infrastructure, our economy, and American families. https://t.co/zlRXB9RwxB
China-linked APT Volt Typhoon remained undetected for years in US infrastructure: https://t.co/JgcaZcETqx by Security Affairs #infosec #cybersecurity #technology #news
The National Cyber Security Centre has issued a warning about state-sponsored cyber-attackers hiding on critical infrastructure networks. Read more about it here. https://t.co/IMca69v0Zz #NCSC | #Cyber | #Report
US says China's Volt Typhoon is readying destructive cyberattacks https://t.co/9atx5bPrKw via @theregister
The #FBI & its partners released a new #Cybersecurity Advisory warning that cyber actors associated with the People’s Republic of China are attempting to pre-position for cyberattacks against critical infrastructure in the event of a conflict with the U.S.https://t.co/qNC1yRZSLu https://t.co/0HvOoqdWxr
China's Cyberattackers Maneuver to Disrupt US Critical Infrastructure: https://t.co/EkAhvmn4P7 by darkreading #infosec #cybersecurity #technology #news
Volt Typhoon not the only Chinese crew lurking in US energy, critical networks https://t.co/qCoxdGu0Pp via @theregister
Volt Typhoon not the only Chinese crew lurking in US energy, critical networks https://t.co/7yIA3vfONV
(1/3) I strongly urge everyone to take note of new intelligence revealing the growing threat CCP hacking poses to the U.S. Volt Typhoon hackers aren't amateurs tinkering with computers. https://t.co/aE23osakEy
CISA cybersecurity advisory: “PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure” https://t.co/fU8iqqBtVc pdf 👉🏻https://t.co/c2YorTBk0x https://t.co/rF1LOSOqMC https://t.co/v27AYnnM8P
CISA, FBI, DOE, and TSA just held a media briefing about today's cybersecurity advisory on China's targeting of U.S. and allied critical infrastructure (https://t.co/UZ6s2eW3Eo). A few highlights below...
Along with @NSACyber, @FBI, @ENERGY, @EPA, @TSA, @CyberGovAU, @cybercentre_ca, @NCSC & NCSC-NZ, we published an advisory on how to protect against cyber threats from People’s Republic of China (PRC) state-sponsored cyber actor #VoltTyphoon 👉 https://t.co/tTqWCQ9yw2 https://t.co/M77xh0cFYn
“The UK and allies have issued a fresh warning to critical infrastructure operators today (Wednesday) about the threat from cyber attackers using sophisticated techniques to camouflage their activity on victims’ networks.” https://t.co/wHSEo4oaKO
🚨Chinese cyber threat actors pre-position themselves for disruptive or destructive cyberattacks targeting critical infrastructure in the event of a major conflict with the U.S. New report from @CISAgov, @NSACyber, + @FBI—quick summary below. https://t.co/0iQXZ8bKoa
I testified to Congress last week about China’s threat to our nation’s critical infrastructure. Today, with our partners, we showed part of this threat in our Volt Typhoon advisory: https://t.co/HIBQ4Ir1LS What we’ve found to date is likely the tip of the iceberg. https://t.co/VGPkzF2UaL
People’s Republic of China-sponsored actors are targeting U.S. critical infrastructure, pre-positioning for disruptive actions. We’ve joined with @CISACyber, @FBI, and others to address this activity. Read our advisory now: https://t.co/6flwPx35Gx https://t.co/bUTCPaaD0N
China's cyberattackers target US and allied militaries with "pre-positioning", which means placing soldiers and weapons — or embedding malware in online networks—to enable fast action in conflict, such as US backing Taiwan if China invades @dktatlow https://t.co/iJnI9jGgbx
According to a rare announcement from Dutch intel agencies MIVD and AIVD, 🇨🇳 hackers had placed malware that cloaked its own activity inside an armed forces network used by 50 people for unclassified research. The malware, dubbed “Coathanger”, appeared able to conceal its own… https://t.co/tNoZo9KxIV