- 칼럼 | AI 에이전트, 지금까지의 어떤 기술과도 다르다
- The $23 Echo Dot deal is a great deal to upgrade your smart home this Black Friday
- Amazon's Echo Spot smart alarm clock is almost half off this Black Friday
- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
CISA Warns Critical Infrastructure Leaders of Volt Typhoon
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning yesterday to leaders of critical infrastructure organizations regarding the imminent threat posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.”
In collaboration with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners, CISA released a significant advisory on February 7 2024.
The advisory confirmed that Volt Typhoon has been actively infiltrating networks of US critical infrastructure organizations. This infiltration is seen as a strategic move to potentially disrupt or destroy critical services in the event of escalating geopolitical tensions or military conflicts involving the United States and its allies.
According to the advisory, Volt Typhoon has successfully compromised organizations across various sectors, including communications, energy, transportation systems and water and wastewater systems.
Read more on this threat: US Thwarts Volt Typhoon Cyber-Espionage Campaign Through Router Disruption
This infiltration represents a significant business risk not only for organizations in the United States but also for allied countries. In response to this imminent threat, CISA, along with its partners, released a fact sheet on Tuesday aimed at providing executive leaders of critical infrastructure entities with guidance on prioritizing the protection of critical infrastructure and functions.
The fact sheet emphasizes the importance of recognizing cyber-risk as a core business risk, essential for both good governance and national security. It urges leaders to empower cybersecurity teams to make informed resourcing decisions and to implement proactive measures to detect and defend against Volt Typhoon and other malicious cyber activities.
Additionally, leaders are encouraged to secure their supply chains, drive a cybersecurity culture within their organizations and ensure robust incident response plans are in place.
“All employees need more training and yet most companies only do cybersecurity training once a year,” commented Roger Grimes, data-driven defense evangelist at KnowBe4.
“It is this fundamental gap between how we are so often successfully attacked and the resources (i.e. training) used to prevent the attack that allows hackers and their malware programs to be so successful for so long.”