icon

Digital safety starts here for both commercial and personal Use...

Defend Your Business Against the Latest WNY Cyber Threats We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you to choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deak daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Buffalo, New York
United States

Current Threat Data

US Shorts China's Volt Typhoon Crew Targeting America's Criticals

Summary:
According to Reuters, the US Justice Department and FBI have reportedly taken action against Chinese state-sponsored hackers attempting to infiltrate American critical infrastructure. Over several months, law enforcement conducted operations authorized by a court order, to disable parts of the Chinese hacking campaign. This campaign, known as Volt Typhoon, was revealed in May 2023 after it was found that the hackers accessed US critical infrastructure networks as far back as 2021.

The group typically exploits vulnerable internet facing devices to gain access, steal credentials, and maintain persistence on systems. Concerns have been raised about the potential for these hackers to disrupt US critical networks, including military installations and utilities.

Security Officer Comments:

The reported takedown follows a directive from CISA to address vulnerabilities, which were reportedly hacked by Chinese state-sponsored attackers. While the exploits were not directly attributed to a specific group, there is ongoing concern about Chinese-backed criminals targeting government networks and vulnerable devices.

Suggested Corrections:
Organizations can make APT groups’ lives more difficult. Here’s how:

  • Defense-in-depth strategy: A comprehensive defense-in-depth strategy is crucial to combat APTs. This includes implementing multiple layers of security controls, such as strong perimeter defenses, network segmentation, endpoint protection, intrusion detection systems, data encryption, access controls, and continuous monitoring for anomalies.
  • Threat intelligence and sharing: Ideally, organizations should actively participate in threat intelligence sharing communities and collaborate with industry peers, government agencies, and security vendors. Sharing information about APTs and their techniques can help detect and mitigate attacks more effectively.
  • Employee education and awareness: Regular security awareness programs, phishing simulations, and training sessions can educate employees about the latest threats, social engineering techniques, and safe computing practices.
  • Incident response and recovery: Despite preventive measures, organizations should have a well-defined incident response plan. This includes incident detection, containment, eradication, and recovery procedures to minimize the impact of APT attacks and restore normal operations.

Link(s):
https://www.theregister.com/2024/01/30/fbi_china_volt/

https://www.reuters.com/world/us/us...g-critical-infrastructure-sources-2024-01-29/

Contact Us for Threat Assistance
Back to Current Threats