posted by hubie on Saturday February 17 2024, @08:14AM
from the y'all-be-careful-out-there dept.

Arthur T Knackerbracket has processed the following story:

The US government today confirmed China's Volt Typhoon crew compromised "multiple" critical infrastructure orgs' IT networks in America – and Uncle Sam warned that the Beijing-backed spies are readying "disruptive or destructive cyberattacks" against those targets.

The Chinese team remotely broke into IT environments — primarily across communications, energy, transportation systems, and water and wastewater system sectors — in the continental and non-continental United States and its territories, including Guam.

"Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the US authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," a dozen Five Eyes government agencies warned on Wednesday. 

[...] According to the US agencies, Volt Typhoon will likely use any network access it can get to pull off disruptive attacks against American systems and equipment in the event of geopolitical tensions or military conflicts.

[...] While the threat to American critical infrastructure appears to be the highest, should US facilities be disrupted, "Canada would likely be affected as well, due to cross-border integration," according to CCCS. 

Australian and New Zealand critical infrastructure could be vulnerable as well.

In addition to sounding the alarm, the government bodies issued a long list of technical details, TTPs observed in the digital break-ins, and detection recommendations and best practices. 

Plus, there are three actions that owners and operators should take "today" to mitigate the threat.

These include: Apply patches for internet-facing systems with priority given to appliances that Volt Typhoon likes to exploit. 

Second: Turn on phishing-resistant multi-factor authentication (MFA).

And finally, ensure that logging is turned on for applications, access and security logs, and store these logs in a centralized system.


  • (Score: 2) by RamiK (1813) on Monday February 19 2024, @03:03PM (#1345153)

    I don't see how the first amendment is breached by congress passing a law saying the government is forbidden from buying ad network data. There have been similar procurement bans handed out by congress since forever under similar circumstances (like restricting what weapons certain branches of government are allowed to buy and deploy).

    --
    compiling...
  • (Score: 1) by khallow (3766) on Monday February 19 2024, @04:51PM (#1345173)
    There's also "cyber-bullying and moderation of hate speech". I would look to other amendments (4th, 5th, and 14th amendments in particular) for the curtailing of the purchase of ad network data. And I wouldn't be surprised to find that there's already existing legislative law being violated.