SAN FRANCISCO - Even if the U.S. government eventually ejects a notorious Chinese hacking operation that has tunneled into critical infrastructure entities, the sweeping digital campaign has permanently altered the cyberthreat landscape, federal officials say.
The hacking activity, labeled Volt Typhoon, remains a major focus of federal national security leaders, who have scrutinized the group's capabilities as well as its intent - to cause disruption and sow societal panic, especially in the event of a military conflict - and concluded Beijing will not back away from that approach in the future.
The end result is that China has moved beyond the traditional goal of nation-state hacking operations - spying on an adversary - into something more sinister, the officials say.
The shift in mindset is accompanied by techniques that could be emulated by other foreign adversaries.
While Microsoft surfaced the threat of Volt Typhoon roughly a year ago, it didn't register with the larger public until January when the Justice Department revealed the group had hacked into hundreds of office and home office routers to allow the Chinese government to access their data.
State-backed breaches, with a desire to compromise insecure or end-of-life devices to then pivot into more sensitive networks, could well become the new norm is an assessment shared by law enforcement.
FBI Director Christopher Wray revealed earlier this year that authorities had kicked Russian government hackers out of a network of more than 1,000 home and small business routers in an action dubbed Operation Dying Ember.
Despite the DOJ's takedown of Volt Typhoon earlier this year, the federal government has yet to fully grasp the full scope and scale of the group's nefarious work, and the full extent of it may not be known for some time.
What's more, the state-backed threat actor could have re-tooled after the law enforcement action - like others have done in the past - creating new tactics and methods to hold the country's critical infrastructure at risk.
CISA's Goldstein said that, as much as officials have rung the alarm about Volt Typhoon, the government also intends to trumpet its successes against the China-linked group.
State attorneys general implore Congress not to preempt their privacy laws.
Federal agencies helping Catholic health network amid cyberattack.
Is the senior cybersecurity reporter for The Record.
Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community.
He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.
This Cyber News was published on therecord.media. Publication date: Mon, 13 May 2024 15:13:08 +0000