Cybersecurity

NSA says US still finding victims of Volt Typhoon’s espionage campaign

Rob Joyce, director of cybersecurity at the NSA, says the US is “still finding victims and making sure to clear out intrusions,” according to The Record.
article cover

Francis Scialabba

· less than 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

The US is still investigating the breadth of Volt Typhoon’s espionage campaign to target critical infrastructure in the US, The Record reported March 18. Rob Joyce—the soon-to-be-retired director of cybersecurity at the NSA—told journalists that the government used AI to uncover some of Volt Typhoon’s breaches, while noting that the US is “still finding victims and making sure to clear out intrusions.”

“What I can say is that China is the most prolific state sponsor of espionage that we see,” Ben Read—the Mandiant head of cyber espionage analysis at Google Cloud—told IT Brew, noting Chinese threat actors are “prolific” in numbers as well as in “global reach.” “They are active in Asia, they’re active in North America, they are active in Europe, they’re active in the Middle East.”

With these types of intrusions carried out by Chinese state-backed actors, Read notes that data is not necessarily the most important factor here—it’s access.

“What’s unique about the Volt Typhoon stuff is that they’re targeting critical infrastructure. So the router stuff is one method that theyre doing, but it’s not just Volt Typhoon that’s doing that—these things mix and match across the Chinese threat actor ecosystem.”

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.