Sen. J. D. Vance (R-OH) addressed a security firm on Friday with a letter describing problems with vital infrastructure in the United States and how the company is responding to Volt Typhoon, a state hacking group supported by the Chinese government.
Vance addressed Cybersecurity & Infrastructure Security Agency ( CISA ) Director Jen Easterly about how critical American infrastructure is being” under attack” by the Chinese government’s” state-sponsored hacker group known as Volt Typhoon,” according to a letter Vance obtained from Breitbart News. The Ohio lawmaker claimed that an attack by Volt Typhoon would have devastating effects on American facilities:
Our country would be thrown into disarray at the exact moment that it is being attacked by international enemies because of a full-scale Volt Typhoon attack on critical infrastructure. By preventing access to our military installations and crucial supply chains, a Volt Typhoon attack’s potential effects would probably include a threat to the United States military.
Sen. Vance Letter to CISA 5.10 by Breitbart News on Scribd
Since being first publicly identified by Microsoft in May 2023, Volt Typhoon has” compromised hundreds of thousands of tools,” according to Vance. In June 2023, the National Security Agency ( NSA ), CISA, FBI, and other international cybersecurity agencies issued a Cybersecurity Advisory ( CSA ) about Volt Typhoon’s capacity to attack critical infrastructure. CISA issued a recommendation on best practices for protecting its devices from Volt Typhoon in March 2024.
Rob Ames, a team risk scholar at SecurityScorecard, explained that Volt Typhoon usually uses more “hands- on keyboard techniques” than typically relying on activity exploited by malware.
” Essential system” businesses are especially vulnerable to Volt Typhoon hackers. These sectors, which include communications systems, electricity production, and government facilities, are” considered so essential to the United States that their incapacitation or destruction may have a devastating effect on security, federal financial security, national public health or safety, or any combination thereof”.
Vance wrote about Volt Typhoon’s danger:
According to experts, the team has been using malicious software that can penetrate internet-connected systems to attack critical equipment in the United States since mid-2020. On January 31, 2024, the FBI reported that it had disrupted some of Volt Typhoon’s activities by removing the team’s ransomware from some little business devices.
But, on February 7, 2024, CISA, the FBI, and other U.S. authorities warned that Volt Typhoon was “pre-positioning on critical equipment networks” to “enable disturbance or loss of essential services in the event of increased political tensions.”
Vance requested East respond to these questions in order to better understand the risk associated with Volt Typhoon:
1. What is CISA’s knowledge of how Volt Typhoon became embedded in U. S. important system?
2. What led CISA to issue a public reminder about the significant threat posed by Volt Typhoon earlier this year?
3. How some U. S. public or private vital system companies in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems fields are impacted by Volt Typhoon?
4. Are Volt Typhoon’s another crucial infrastructure areas having an impact? If so, what industries besides those listed in response to question 3?
5. According to reports, CISA has collaborated with business risk management organizations to communicate with each industry about Volt Typhoon. Which companies specifically?
6. Which Information Sharing and Analysis Centers ( ISACs ) are aware of Volt Typhoon?
7. How many unique network devices in the United States have been or are putting up potential damage from Volt Typhoon?
8. What tactics have been proposed and/or implemented by CISA and/or business risk management organizations in response to question 5 to lessen the threat of Volt Typhoon?
9. Since January 1, 2023, how many calls has the company received to CISA’s 24/7 Operations Center regarding Volt Typhoon?
The State Department’s ambassador at large for cyberspace and modern policy, Nathaniel Fick, stated in May that American and Chinese officials had discussions about the Volt Typhoon espionage campaign that focused American essential infrastructure.
According to Fick, Secretary of State Antony Blinken stated in a statement that he was “very clear that holding American critical infrastructure in danger, particularly civilian critical infrastructure,” that is “very dangerous.” It’s escalatory. It’s unacceptable”.
For Breitbart News, Sean Moran covers policy reporting. Follow him on Twitter , @SeanMoran3.
