Security first: CISA calls for tougher protection of routers

Brother

The Volt Typhoon story forces the government to strengthen cybersecurity by any means necessary.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned U.S. organizations of the growing threat of cyberattacks targeting small office/home office (SOHO) routers.

Special attention is paid to attacks coordinated by the Chinese hacker group Volt Typhoon (also known as Bronze Silhouette), which has recently been actively trying to seize control of such devices in various American organizations.

Although the latest wave of attacks was successfully repelled, router manufacturers were advised to pay much more attention to the cybersecurity of network devices going forward.

In particular, manufacturers are advised to eliminate potential vulnerabilities in the web management interfaces of routers and other network equipment at the design and development stages, wherever possible.

Security experts have also suggested a number of effective methods. For example, the default configuration of routers can be changed to automate firmware updates, require manual confirmation when disabling security settings, and restrict access to the router management interface to devices connected over the local network.

On the one hand, this may slightly reduce the functionality and possible use cases of routers, but on the other hand, it will eliminate most, if not all, external security threats.

Cheap routers are very popular both in small organizations and in many American homes. Because they can be reached over the Internet, such devices are vulnerable to being pulled into attackers' botnets and then used to launch DDoS attacks, including attacks aimed at the country's critical infrastructure.

CISA paid special attention to the activity of the Volt Typhoon group, which is associated with Chinese cyber spies and has been targeting SOHO routers since August 2022, using the KV-botnet malware.

In June 2023, a U.S. government advisory agency estimated that the group was working to build infrastructure that could potentially be used to disrupt communications across the United States.

A Microsoft report from May last year mentions that since mid-2021, Chinese hackers have regularly attacked and penetrated critical US infrastructure organizations, including those on the island of Guam, which is home to several US military bases.

Volt Typhoon is known for attacking routers, firewalls, and VPN devices, which allows hackers to mask the transmission of malicious traffic and thus avoid detection during attacks. In addition to military installations, such hidden networks have repeatedly hit American telecommunications and Internet service providers, as well as various government facilities, including critical infrastructure.

As we reported earlier, the US government has already partially defused the Volt Typhoon infrastructure, but nothing prevents hackers from reorganizing their network and returning later with a much more massive and destructive attack.
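The three defaults recommended above (automatic firmware updates, manual confirmation before security settings are disabled, management access limited to the local network) can be checked against an exported router configuration. The following is an added example, not part of the original post or of any CISA tooling; the `key=value` format, the key names and the sample values are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed sample export; the key names are hypothetical, not a vendor format.
SAMPLE_CONFIG = """\
firmware.auto_update=off
security.confirm_before_disable=no
mgmt.wan_access=on
mgmt.allowed_sources=192.168.1.0/24, 0.0.0.0/0, fd00::/8, 203.0.113.7
"""
TRUE_VALUES = {"on", "yes", "true", "1", "enabled"}
# Explicit list: is_private also covers documentation and other reserved ranges.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "fe80::/10")]

def parse(text):
    """Parse key=value lines, ignoring blank lines and # comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip().lower()] = value.strip()
    return cfg

def is_local(source):
    """True only if the address or prefix lies wholly inside a local range."""
    try:
        net = ipaddress.ip_network(source, strict=False)
    except ValueError:
        return False  # unparseable or empty entries are reported, not trusted
    return any(net.version == loc.version and net.subnet_of(loc) for loc in LOCAL_NETS)

def audit(text):
    """Return findings; a missing key counts as the insecure value."""
    cfg, findings = parse(text), []
    def enabled(key, default):
        return cfg.get(key, default).lower() in TRUE_VALUES
    if not enabled("firmware.auto_update", "off"):
        findings.append("firmware updates are not automatic")
    if not enabled("security.confirm_before_disable", "no"):
        findings.append("security settings can be disabled without confirmation")
    if enabled("mgmt.wan_access", "on"):
        findings.append("management interface is reachable from the WAN")
    sources = [s.strip() for s in cfg.get("mgmt.allowed_sources", "").split(",")]
    findings += [f"non-local management source: {s or '(unrestricted)'}"
                 for s in sources if not is_local(s)]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

The allow-list is compared by prefix containment, so an entry such as `0.0.0.0/0` is flagged even though it contains local addresses.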