The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) said that People’s Republic of China (PRC)-backed hackers are seeking to pre-position themselves on IT networks for disruptive or destructive cyber attacks as they have gained access for “at least five years”.
Volt Typhoon, a state-sponsored group of hackers based in China, has compromised the IT environments of multiple critical infrastructure organisations — primarily in communications, energy, transportation systems and water and wastewater systems sectors — in the US and its territories, the agencies said in a joint statement late on Wednesday.