Cyber Resilience

Volt Typhoon US critical-infrastructure pre-positioning (VOLT-TYPHOON-2024)

Espionage intrusion · disclosed 2024-02-07 · region: US · primary attribution: Volt Typhoon

Earliest known compromise: 2021-06-01

Sectors touched: Utilities · Electric Power Generation, Transmission & Distribution · Pipeline Transportation · Telecommunications

PRC PLA-attributed living-off-the-land intrusion into US critical infrastructure (water utilities, energy sector, transportation, ports, comms). CISA AA24-038A: pre-positioning for "disruptive or destructive cyberattacks against US critical infrastructure in the event of a major crisis or conflict". First time CISA formally framed pre-positioning as strategic-level threat.

Named victims

No individual victims named — this incident affected many orgs (see source advisories below for the full list where applicable).

Linked sources

This canonical entry pulls together coverage from the other data layers — curated narrative above; raw sources below.

Sources

« All landmark incidents  ·  All actors  ·  All victims