Volt Typhoon threat group had access to American utility networks for the best part of a year

• Latest Volt Typhoon attack discovery raises concerns about OT security culture
• Artificial intelligence’s role in attacks continues to worry cybersecurity leaders
• Vulnerable OT servers leave SMBs and enterprises open to ransomware attacks and IP theft

Volt Typhoon, a threat group with links to China, had access to Massachusetts’ Littleton Electric Light and Water Departments (LELWD)’s operational technology (OT) network for ten months in 2023.

The intrusion lasted from February to November 2023, yet security researchers at Dragos, who discovered it, moved quickly once it was known; identifying the group’s activities on the server and containing the threat without customer data being compromised.

Data on OT networks, especially where Critical National Infrastructure (CNI) is concerned, is important to lock down. Infosecurity reported on Donovan Tindill, DeNexus’ OT cybersecurity director, explaining that exposed small business servers of this kind allow for the theft of intellectual property ...