Actu
Expert Comment: Chinese espionage group VoltTyphoon spying on Western CNI
May 2023 by Sylvain Cortes, VP Strategy at Hackuity
News has emerged from Microsoft that China has been spying on Critical Western Infrastructure since at least mid-2021, as it tracks espionage group, Volt Typhoon.
Their targets and breached entities span a wide range of critical sectors, including government, maritime, communications, manufacturing, information technology, utilities, transportation, construction, and education.
Sylvain Cortes, VP Strategy at Hackuity notes that threat actors such as Volt Typhoon thrive on exploiting zero-day vulnerabilities due to the lack of knowledge around them…
"Persistent threat actors like Volt Typhoon, which have been acting against critical national infrastructure since 2021 according to Microsoft, thrive on the exploitation of zero-day vulnerabilities and the lack of visibility around them.
There are a variety of motivations for these nation-state attackers, but their modus operandi is to cause minimum noise and maximum disruption. By the time victims uncover the threat, the attack is often fully underway or, worse, has already achieved its mission.
To maximise preventative measures, organisations must develop routine vulnerability prioritization to stay one step ahead of attackers. Now more than ever, organisations need to lean into always-on, automated Vulnerability Management. The alternative: discovering a nation-state attack running since at least mid-2021 in mid-2023."
