Chinese hackers infiltrated plane, train and water systems for five years, US says 

The US was joined by several other countries’ intelligence agencies in announcing the hack. Photograph: Dado Ruvić/Reuters
Guardian staff and agencies
Last modified on 2024 Feb 08

A group known as Volt Typhoon, geared toward sabotage, quietly burrowed into critical US infrastructure networks

An advanced group of Chinese hackers taking aim at critical US infrastructure has been active for as long as half a decade, American and allied intelligence agencies said in a joint statement on Wednesday.

The US National Security Agency, US cyber watchdog CISA, the FBI and the Transportation Security Administration said that the group known as Volt Typhoon had quietly burrowed into the networks of aviation, rail, mass transit, highway, maritime, pipeline, water and sewage organizations.


A deepfake newscaster
Iran-backed hackers interrupt UAE TV streaming services with deepfake news

None of the organizations were identified by name, but the statement said that US intelligence officials had observed the hackers “maintaining access and footholds within some victim IT environments for at least five years”.

The statement, which was co-signed by the respective cybersecurity agencies of Britain, Australia, Canada and New Zealand, is the latest in a series of warnings from US officials about Volt Typhoon, a group that has drawn particular alarm because it appears geared toward sabotage rather than espionage.

The widespread nature of the hacks has led to a series of meetings between the White House and the private technology industry, including several telecommunications and cloud commuting companies, in which the US government asked for assistance in tracking the activity.

“We are extraordinarily concerned about malicious cyber activity from the PRC state-sponsored actor that industry calls Volt Typhoon,” a senior CISA official, Eric Goldstein, referring to the People’s Republic of China, told Reuters ahead of the statement’s release. “Most of the victims we have identified have no legitimate espionage value.”

Explore more on these topics

Most viewed


Leave a Reply