US officials stressed that even if the US government manages to expel a notorious Chinese hacking operation, which has infiltrated critical infrastructure entities, the extensive digital campaign has irrevocably transformed the cyber threat landscape. This operation, known as Volt Typhoon, remains a significant concern for federal national security leaders who have assessed its capabilities and intentions. They believe that Beijing will persist in its aggressive approach, aiming to cause disruption and instigate societal panic, particularly in times of military conflict.
This shift signifies a departure from the traditional objective of nation-state hacking, moving towards more malevolent intentions, officials assert. Despite efforts to enhance the detection capabilities of critical infrastructure and to remediate vulnerabilities in edge devices, concerns about China’s intentions persist.
Moreover, the techniques employed by Volt Typhoon could serve as a blueprint for other foreign adversaries. While Microsoft initially flagged the threat of Volt Typhoon about a year ago, it only gained significant public attention in January when the Justice Department disclosed the group’s infiltration of hundreds of office and home office routers to enable data access for the Chinese government.
Law enforcement shares the view that state-backed breaches targeting insecure or end-of-life devices to access sensitive networks could become the new norm. FBI officials emphasize the enduring threat posed by such actions, especially considering the lifespan of edge devices and their continued operational functionality within US-based networks.
Despite the DOJ’s efforts to dismantle Volt Typhoon earlier this year, the federal government still grapples with understanding the full extent of the group’s activities. It’s suggested that the group could have adapted after the law enforcement intervention, developing new tactics to pose threats to critical infrastructure.