Volt Typhoon

Volt Typhoon
Formation	2021 or earlier
Type	Advanced persistent threat
Purpose	Cyberwarfare
Location	China;
Affiliations	Chinese government

Volt Typhoon (also known as BRONZE SILHOUETTE, Dev-0391, Insidious Taurus, Storm-0391, UNC3236, VANGUARD PANDA, or VOLTZITE) is an advanced persistent threat engaged in cyberespionage on behalf of the People's Republic of China. Active since at least mid-2021, the group is known to primarily target the United States manufacturing, utility, transportation, construction, maritime, defense, information technology, and education sectors. Volt Typhoon focuses on espionage, data theft, and credential access.^[1]

According to Microsoft, the group goes to great lengths to avoid detection, and its campaigns prioritize capabilities which enable China to sabotage critical communications infrastructure between the US and Asia during potential future crises.^[1] The US government believes the group's goal is to slow down any potential US military mobilization that may come following a Chinese invasion of Taiwan.^[2]

^ ^a ^b "Volt Typhoon targets US critical infrastructure with living-off-the-land techniques". Microsoft. 2023-05-24. Retrieved 2024-10-09.
^ Antoniuk, Daryna (2024-08-27). "China's Volt Typhoon reportedly targets US internet providers using Versa zero-day". Recorded Future. Retrieved 2024-10-09.

[:0-1] "Volt Typhoon targets US critical infrastructure with living-off-the-land techniques". Microsoft. 2023-05-24. Retrieved 2024-10-09.

[2] Antoniuk, Daryna (2024-08-27). "China's Volt Typhoon reportedly targets US internet providers using Versa zero-day". Recorded Future. Retrieved 2024-10-09.

[1]

[2]