Dragos reveals Volt Typhoon hackers infiltrated a US electric utility for 300 days, collecting sensitive data. Learn how this cyberattack threatens infrastructure.

Cybersecurity firm Dragos has revealed a prolonged cyber attack by the Chinese threat actor Volt Typhoon into the United States electric grid, specifically targeting the Littleton Electric Light and Water Departments (LELWD) in Massachusetts. This breach lasted over 300 days from February to November 2023.

The incident came to light just before Thanksgiving in 2023 when the FBI alerted LELWD to a potential compromise. Following investigations, with assistance from Dragos, revealed that the Volt Typhoon had infiltrated the utility’s systems as early as February 2023.

According to Dragos’s report, during this extensive period, the threat actors collected sensitive operational technology (OT) data, including information on energy grid operations, which could facilitate future disruptive attacks on critical infrastructure.

Volt Typhoon’s Modus Operandi

Volt Typhoon, also known as VOLTZITE, is a Chinese state-sponsored advanced persistent threat group active since at least mid-2021. The group focuses on cyber espionage, primarily ...