Background

Hackers allegedly connected to the People’s Liberation Army in China are responsible for a series of recent attacks on critical infrastructure in the USA, according to a report first published in the Washington Post.

The attacks on tens of sensitive sites were on locations of extreme importance. Locations such as Hawaii, Guam, the West Coast, and Texas. 

Geopolitical Context

China has been showing appetite towards Taiwan for years. It appears that the communist regime has been looking into ways to prevent a rapid move from the US side in the event of an invasion.

The cyber rivalry between the two countries has been going on since the birth of the internet. Planting seeds and disrupting US critical infrastructure at a specific time could help China get a less effective response from the West if a possible conflict arises. 

CISA Advisory and Volt Typhoon Activities

In a CISA advisory published in the first half of 2023, the US government agency highlighted that Volt Typhoon activities affect networks across USA critical infrastructure sectors, and the recent cyber incidents are no different. The hacker attacks consist of hits at oil and gas pipelines, water and power plants, transportation, and communications bodies.

The US government accepts attacks on utilities and critical infrastructure very seriously. So far, there are no reports of any disruptions caused by the cyberattacks. Still, the NSA has advised government and private organizations to enforce mass password changes and be vigilant for suspicious activity. 

State-Sponsored Cyber Warfare

Even though the attacks caused no visible damage and many details of the incidents appear to be unavailable to the general public, the latest movements are certainly a wake-up call that China is not afraid to poke the USA and its allies. China is not openly admitting they are behind the attacks. But as they are masking their efforts using hacker organizations and compromised routers, experts suggest that those incidents are state-sponsored.

Volt Typhoon Timeline and Targets

The Volt Typhoon attacks have been going on since 2021. Most of the time, the attacks have been on locations of military strategic importance to the United States. The attacks are not only aimed at critical infrastructure but also include other sectors such as construction, education, manufacturing, and education.

The revelations of the latest attacks come mere weeks after China’s Xi Jinping met with President Joe Biden and attended the Asia-Pacific Economic Cooperation (APEC) summit in San Francisco, California.