CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance | CISA
Recently, CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), PRC State-Sponsored Actors Compromise and Maintain Persistent Access to United States. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and Mitigating Living off the Land Techniques.
The following federal agencies and international organizations are additional co-authors on the joint advisory and guidance:
- United States. Department of Energy (DOE)
- United States. Environmental Protection Agency (EPA)
- United States. Transportation Security Administration (TSA)
- Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)
- Canadian Centre for Cyber Security (CCCS) a part of the Communications Security Establishment (CSE)
- United Kingdom National Cyber Security Centre (NCSC-UK)
- New Zealand National Cyber Security Centre (NCSC-NZ)
Volt Typhoon actors are seeking to pre-position themselves—using living off the land (LOTL) techniques—on IT networks for disruptive or destructive cyber activity against United States. critical infrastructure in the event of a major crisis or conflict with the United States. The advisory provides actionable information from United States. incident response activity that can help all organizations:
- Recognize Volt Typhoon techniques,
- Assess whether Volt Typhoon techniques have compromised your organization,
- Secure your networks from these adversarial techniques by implementing recommended mitigations.
To supplement the advisory, the Joint Guidance provides threat detection information and mitigations applicable to LOTL activity, regardless of threat actor. Additionally, CISA has published Secure by Design Alert: Security Design Improvements for SOHO Device Manufacturers, which provides technology manufactures guidance on protecting their products from Volt Typhoon compromises.
CISA and its partners strongly urge critical infrastructure organizations and technology manufacturers to read the joint advisory and guidance to defend against this threat. For more information on People’s Republic of China (PRC) state-sponsored actors, visit People’s Republic of China Cyber Threat. To learn more about secure by design principles and practices, visit Secure by Design.
Disasters Expo USA, is proud to be supported by Inergency for their next upcoming edition on March 6th & 7th 2024!
The leading event mitigating the world’s most costly disasters is returning to the Miami Beach
And in case you missed it, here is our ultimate road trip playlist is the perfect mix of podcasts, and hidden gems that will keep you energized for the entire journey-