"Volt Typhoon" is the name assigned by U.S. cybersecurity officials to a state-sponsored cyber operation linked to the Chinese Communist Party that has quietly penetrated critical infrastructure networks across the U.S., apparently with the aim of unleashing disruptive or destructive cyberattacks.
In a previously closed-door meeting held in Geneva last December, Chinese officials offered what top U.S. officials interpreted as a tacit admission of responsibility for the cyberattack campaign against U.S. critical infrastructure, including computer networks at U.S. ports, water utilities, airports, and other targets, according to the Wall Street Journal, citing people familiar with the matter.
The report of the Chinese acknowledgment, cited by WSJ sources, comes amid escalating trade tensions between Washington and Beijing, as the Trump administration raises tariffs on Chinese goods. A White House official confirmed to CNBC earlier that the effective tariff rate will soon exceed 145%. Sources characterized the Volt Typhoon not as traditional espionage but as a means to sabotage capabilities inside civilian infrastructure in the event of a future conflict. This is directly tied to the U.S.' increased support for Taiwan, the people added.
The people said the Biden-Harris regime and the Trump transition team were briefed about the Geneva summit in December.
Here's more color on the report from WSJ:
The first-of-its-kind Signal at a Geneva summit with the outgoing Biden administration startled American officials used to hearing their Chinese counterparts blame the campaign, which security researchers have dubbed Volt Typhoon, on a criminal outfit, or accuse the U.S. of having an overactive imagination.
U.S. officials went public last year with unusually dire warnings about the uncovered Volt Typhoon effort. They publicly attributed it to Beijing trying to get a foothold in U.S. computer networks so its army could quickly detonate damaging cyberattacks during a future conflict.
The Chinese official's remarks at the December meeting were indirect and somewhat ambiguous, but most of the American delegation in the room interpreted it as a tacit admission and a warning to the U.S. about Taiwan, a former U.S. official familiar with the meeting said.
Last year, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) confirmed that Volt Typhoon compromised the IT systems of multiple critical infrastructure organizations, primarily in the communications, energy, transportation systems, and water and wastewater systems sectors across the U.S.
"Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the U.S. authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," CISA warned in February 2024.
In addition to the Volt Typhoon, another cyber espionage operation linked to the CCP is the ongoing Salt Typhoon, aimed at deep surveillance and long-term intelligence collection. Hence why, U.S. Gov't officials have been instructed to use end-to-end encrypted communications, Apple iMessage, and Signal.
Top Trump administration officials need to clean house across the federal government's cybersecurity workers for allowing such attacks to occur without a proper response.
The previous administration took little to no action against the Communists—could this be why? Was Biden China's Manchurian Candidate all along?
