TZUTC: -0500   
   MSGID: 1240.consprcy@1:2320/105 2cde3ee3   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   NSA says Volt Typhoon was not successful at persisting in critical   
   infrastructure   
      
   Date:   
   Wed, 16 Jul 2025 15:44:00 +0000   
      
   Description:   
   The Chinese threat actor wanted to lurk in the shadows but was effectively   
   ousted, NSA and FBI claim.   
      
   FULL STORY   
      
   Volt Typhoon, a Chinese state-sponsored threat actor which targeted critical   
   US infrastructure, failed to achieve its main objective - to maintain   
   long-term, invisible persistence on key targets.    
      
   This is according to senior cybersecurity officials from the National    
   Security Agency (NSA) and the Federal Bureau of Investigation (FBI).    
      
   Speaking at the recent International Conference on Cyber Security at Fordham   
   University in New York City, the agents discussed the Typhoon campaign as a   
   whole, and confirmed that it was laying groundwork for a potential escalation   
   of conflict over Taiwan.   
      
   No persistence maintained    
      
   The good news is, they really failed. They wanted to persist in domestic   
   networks very quietly for a very long time so that if and when they needed to   
   disrupt those networks, they could. They were not successful in that    
   campaign, said Kristina Walter, director of the NSAs Cybersecurity   
   Collaboration Center.    
      
   We, with private sector, with FBI, found them, understood how they were using   
   the operating systems, how they're using legitimate credentials to maintain   
   persistence, and frankly, we equipped the entire private sector and U.S.   
   government to hunt for them and detect them.    
      
   Being able to breach security systems and access critical infrastructure   
   should be cause for concern in its own right, though.    
      
   In mid-March 2025, it was reported Volt Typhoon had access to Massachusetts   
   Littleton Electric Light and Water Departments (LELWD)s operational    
   technology (OT) network for ten months in 2023. The intrusion lasted from   
   February to November 2023.    
      
   Before that, in January 2025, Volt Typhoon was allegedly targeting the   
   critical infrastructure of small island nation Guam, looking to disrupt and   
   sabotage services in the region, reportedly targeting the GPA (Guam Power   
   Authority) to wreak havoc on the island, which is home to a large US military   
   base.    
      
    Via The Record   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/nsa-says-volt-typhoon-was-not-successfu   
   l-at-persisting-in-critical-infrastructure   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426