
Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   CONSPRCY      How big is your tinfoil hat?      2,445 messages   


   Message 748 of 2,445   
   Mike Powell to All   
   Volt Typhoon threat group   
   14 Mar 25 18:27:00   
   
   TZUTC: -0500   
   MSGID: 463.consprcy@1:2320/105 2c39f44e   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Volt Typhoon threat group had access to American utility networks for the    
   best part of a year   
      
   Date:   
   Fri, 14 Mar 2025 14:49:00 +0000   
      
   Description:   
   2023 saw the Chinese threat group Volt Typhoon get access to public power and   
   water utilities in Massachusetts for 10 months.   
      
   FULL STORY   
   ======================================================================   
    - Latest Volt Typhoon attack discovery raises concerns about OT security   
   culture   
    - Artificial intelligence's role in attacks continues to worry cybersecurity
   leaders
    - Vulnerable OT servers leave SMBs and enterprises open to ransomware attacks   
   and IP theft   
      
   Volt Typhoon, a threat group with links to China, had access to Massachusetts'
   Littleton Electric Light and Water Departments (LELWD)'s operational
   technology (OT) network for ten months in 2023.
      
   The intrusion lasted from February to November 2023, yet security researchers
   at Dragos, who discovered it, moved quickly once it was known, identifying
   the group's activities on the server and containing the threat without
   customer data being compromised.
      
   Data on OT networks, especially where Critical National Infrastructure (CNI)   
   is concerned, is important to lock down. Infosecurity reported on Donovan   
   Tindill, DeNexus OT cybersecurity director, explaining that exposed small   
   business servers of this kind allow for the theft of intellectual property,   
   the mapping of utility grid structures, and for data to be leveraged in   
   ransomware attacks.   
      
   Staying on top of OT cybersecurity    
      
   Experts have been weighing in on the implications of the attack. Tim Mackey,   
   Black Duck's software supply chain risk strategy head, said that one of the
   biggest challenges with cybersecurity in critical infrastructure is the long   
   lifespan of the devices. Something that was designed and tested to the best   
   practices available when it was released can easily become vulnerable to   
   attacks using more sophisticated attacks later in its lifecycle.    
      
   Nathaniel Jones, Darktrace's VP of threat research, went on to add that the
   impact of AI tools in attacks on CNI was a continued and growing concern for   
   those defending OT networks.    
      
   Agnidipta Sarkar, ColorTokens' VP of CISO advisory, warned attacks were on the
   rise, but also being dealt with in the wrong way by OT defenders and leaders.   
   Unfortunately, they said, cyber OT leadership is focusing on stopping attacks   
   instead of stopping the proliferation of attacks.    
      
   In case you missed it, TechRadar Pro reported that the complexity of IT
   systems could be increasing security risks for businesses, and a recent
   report from Adaptavist revealed that 40% of IT leaders are scared to admit
   mistakes due to a workplace culture of fear.
      
   Via InfoSecurity   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/volt-typhoon-threat-group-had-access-to-american-utility-networks-for-the-best-part-of-a-year
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426   
      



(c) 1994,  bbs@darkrealms.ca