Chinese hackers involved in the Volt Typhoon attack spent over a year inside the networks of a major utility company in Littleton, Massachusetts.
In a report published last week, Dragos, an operational technology (OT) cybersecurity firm, described its work assisting the Littleton Electric Light & Water Department in dealing with what was determined to be part of a larger effort by China's government to preposition its attackers within U.S. critical infrastructure, with the ultimate goal believed to be destructive action in the event of a conflict.
U.S. law enforcement claims the group has infiltrated a number of critical infrastructure organizations in the United States, as well as in Guam. According to Dragos, the Massachusetts utility learned that its systems had been compromised shortly before Thanksgiving in 2023.
David Ketchen, the utility's assistant general manager, received a phone call from the FBI on a Friday afternoon informing him of a possible compromise. On the following Monday, FBI agents and representatives from the Cybersecurity and Infrastructure Security Agency (CISA) arrived at the company's premises.
The utility has provided power and water to the towns of Littleton and Boxborough, roughly 30 miles northwest of Boston, for over a century, but in recent years it has struggled to keep up with the growing number of cyber threats. It approached Dragos after learning of the Volt Typhoon compromise. A review revealed that Volt Typhoon had been in the utility's networks since February 2023.
Dragos discovered evidence of the hackers' lateral movement and data exfiltration, but an investigation indicated that the "compromised information did not include any customer-sensitive data, and the utility was able to change their network architecture to remove any advantages for the adversary."
CISA and the FBI have repeatedly warned that the hackers are "looking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States," despite China's denials of any involvement in the Volt Typhoon compromises.