
Ports, pipelines, water utilities and the Texas power grid have one thing in common.

China is trying to hack all of them, according to government and industry officials.

The Washington Post says that China has “accessed” the computer systems of about two dozen critical entities over the last year. They also targeted the Texas power grid and a Hawaii water utility.

The goal, they think, is to be able to take down critical infrastructure if things go south between the U.S. and China.

They are attacking home routers (trivial), office routers (more difficult) and employee credentials (unfortunately, too easy).

Of course they are not limiting their attacks to the U.S., but we are more concerned about our critical infrastructure. We saw the panic that ensued when the Colonial Pipeline was down for just a few days.

Microsoft calls the group Volt Typhoon and says the group has been active since 2021. Their goal is persistent access across the communications, manufacturing, utility, transportation, construction, maritime, information technology and education sectors. They are working first in the Indo-Pacific region, including Hawaii, as they assume this is where we would launch an attack on them from. If they can take down even some critical infrastructure there, it would complicate our ability to mobilize and resupply.

In August they tried to attack the Texas PUC and ERCOT, which operates the state’s power grid. Texas is on its own grid, which is why 250 people died when the Texas grid failed due to poor planning on the state’s part and not being connected to the rest of the country’s grid. Of course the state says they did not get in. Unless THAT attack was a distraction so that they didn’t realize they got in elsewhere.

The whole idea is to lie low, persist and launch an attack at some future date. We know about the two dozen that we found. What about the ones that we have not found?

That ought to make everyone nervous.

Credit: Spectrum 1 News