Federal analysts are still sizing up what the Chinese hackers known as Volt Typhoon, who penetrated U.S. critical infrastructure to maintain access within those networks, might have intended by setting up shop there, a Cybersecurity and Infrastructure Security Agency official said Thursday.
“We still don’t actually know what the result of that is going to be,” said Steve Casapulla, acting chief strategy officer at CISA. “They are in those systems. They are in those systems on the island of Guam, as has been talked about publicly. So what [are] the resulting impacts going to be from a threat perspective? That’s the stuff we’re looking really hard at.”
Casapulla made his remarks at a Washington, D.C. event hosted by Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security.
Some believe that Chinese penetration of U.S. telecommunications networks by another Chinese hacking group, Salt Typhoon, have overshadowed the machinations of Volt Typhoon, which could eventually have a bigger impact. U.S. officials have warned that China could be prepositioning in critical infrastructure should conflict break out between the United States and Beijing.
Other federal officials have said Volt Typhoon might not have been as successful at maintaining their access as they hoped.
Casapulla said CISA is looking at how to mitigate the threat as well as determining the end goal of the hackers.
“Is it to merely disrupt a few cranes at a port? That could be one thing. But what about if it were all the ports?” he asked. “What about if it were all cargo management systems so they don’t have to do anything physical? They can just shut down a database and limit our ability to track cargo that moves on and off of ships, effectively shutting down the ports and the entire transportation system that way.
“Those are the kind of second-, third-order effects that I also worry about,” Caspulla said.
When he testified before Congress at a hearing last month on his nomination to become national cyber director, Sean Cairncross said Volt Typhoon hacking “has potentially life-and-death consequences.” Other Trump administration officials also have sounded the alarm about the hacking group.
It was also a point of concern in the prior administration under President Joe Biden.
The post Feds still trying to crack Volt Typhoon hackers’ intentions, goals appeared first on CyberScoop.