CISA Alerts: Advisory On PRC State-Sponsored Cyber Activity

U.S. agencies warn: PRC-sponsored group employs advanced LOTL tactics to infiltrate IT networks.

by Ashish Khaitan March 20, 2024 in Firewall Daily, Threat Intelligence News Reading Time: 3 mins read 0

596 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

, alongside key partners such as the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and various U.S. and international entities, has revealed a comprehensive joint fact sheet addressing the pressing issue of , also known as PRC Sponsored Volt Typhoon Cyber Activity.

This collaborative effort aims to equip critical infrastructure leaders with essential insights and actionable guidance to mitigate the risks associated with this cyber threat.

The fact sheet, titled “PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders,” has been developed in conjunction with prominent organizations including the U.S. Department of Energy (DOE), the U.S. Environmental Protection Agency (EPA), the U.S. Transportation Security Administration (TSA), and the U.S. Department of Treasury, among others.

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders

Source: CISA

According to assessments by the participating U.S. authoring agencies, the PRC-sponsored advanced persistent threat group known as “Volt Typhoon” is actively seeking to establish a foothold within IT networks using sophisticated techniques, notably living off the land (LOTL) strategies. 

This preparation is believed to facilitate disruptive or destructive cyber activities targeting critical infrastructure in the event of heightened geopolitical tensions or military conflicts involving the United States.

The fact sheet highlights the critical nature of the risk posed by the Volt Typhoon and provides specific guidance for critical infrastructure leaders to bolster their organizations' defenses against this threat.

Urging a proactive approach, CISA and its partners emphasize the importance of familiarizing oneself with the provided guidance to effectively safeguard against potential cyber intrusions.

Steps to Take Against PRC-Sponsored Volt Typhoon Cyber

In addition to highlighting the imminent dangers posed by Cyber Activity, the fact sheet outlines actionable steps that leaders can take to enhance their cybersecurity posture. These actions include making informed resourcing decisions, empowering cybersecurity teams with relevant training and skill development, and conducting regular tabletop exercises to ensure preparedness.

Furthermore, the fact sheet emphasizes the importance of securing the supply chain, advocating for the adoption of secure by design principles, and fostering a cybersecurity culture within organizations. By aligning performance management outcomes with cybersecurity goals and encouraging collaboration across departments, leaders can effectively mitigate cyber risks and strengthen their overall resilience.

In the event of an incident or suspected incident, the provides clear guidelines for organizations to follow, including implementing their cyber incident response plans and promptly reporting incidents to relevant authorities.

Contact information for reporting incidents is provided for U.S. organizations, ensuring timely coordination and support from agencies such as CISA and the FBI.


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button