
China confesses to Volt Typhoon role in U.S. infrastructure cyberattacks

Chinese officials admitted responsibility for escalating cyberattacks against U.S. infrastructure in secret talks held in Beijing in December 2024.

Welcome to the latest issue of The Breach Report, a cybersecurity newsletter from the creators of the Cybersecurity Careers Blog. Be sure to subscribe via email or RSS.

Cyberattacks against U.S. due to “American support for Taiwan”

According to a new report from The Wall Street Journal, Chinese officials indirectly admitted, in a December 2024 meeting with the outgoing Biden administration, to China's role in supporting damaging cyberattacks against the United States' critical infrastructure. The hacks against U.S. ports, energy utilities, airports, and other infrastructure have been attributed to a Beijing state-sponsored group, Volt Typhoon.

The stark admission by Beijing officials stunned American counterparts.

In past talks, China has blamed the cyberattacks attributed to Volt Typhoon on “criminal outfits” or accused the U.S. of having an “overactive imagination.”

The Wall Street Journal reported that the Chinese official’s remarks at the December meeting “were indirect and somewhat ambiguous, but most of the American delegation in the room interpreted it as a tacit admission and a warning to the U.S. about Taiwan.”

“China wants U.S. officials to know that, yes, they do have this capability, and they are willing to use it,” Dakota Cary of cybersecurity firm SentinelOne said.

“We’re not used to China showing their hand,” stated Sean Tufts, managing partner for critical infrastructure at the cybersecurity firm Optiv, to CyberNews.

“Their modus operandi is always to deny, cover, and distract. It makes me think they are distracting us with Volt/Salt Typhoon to cover other activities,” said Tufts.

The cyberattacks against U.S. infrastructure have long been justified by American support for Taiwan. According to China’s One China Principle (or 一個中國政策), there is only one sovereign state under the name of China. Under that principle, Taiwan is an inalienable part of China and cannot declare its sovereignty as a nation.

In March 2024, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) warned all critical infrastructure leaders about the urgent risk of Volt Typhoon.

Going on the offensive against “The Typhoons”

Just before being fired as the head of U.S. CYBERCOM and 19th Director of the National Security Agency (NSA), General Timothy Haugh remarked that the U.S. needs government and private-sector collaboration to defend against critical infrastructure cyberattacks.

This includes going on the offensive against “the Typhoons”: Salt Typhoon, Silk Typhoon, and Volt Typhoon, all linked to the CCP.

“99% of the critical infrastructure in the United States is controlled by private companies, so that really drives us to talk about how we partner with industry and with the commercial sector,” Gen. Haugh said.

Asked by Senator Ted Budd (R-NC) whether the U.S. has an offensive cyber strategy, Gen. Haugh stated that he has “clear guidance in what the Secretary of Defense expects in terms of our aggressive approach to be able to restore deterrence.”

Gen. Haugh continued that he’d happily elaborate on the offensive cyber strategy in a closed hearing.

Today’s Cyber Social Funny

Attribution? Possibly you!

Until next time…

Rob Waters
Founder
The Breach Report + Cybersecurity Careers Blog

