Volt Typhoon

Volt Typhoon
Formation2021 or earlier
TypeAdvanced persistent threat
PurposeCyberwarfare
Location
AffiliationsChinese government

Volt Typhoon (also known as VANGUARD PANDA, BRONZE SILHOUETTE, Redfly, Insidious Taurus, Dev-0391, Storm-0391, UNC3236, or VOLTZITE) is an advanced persistent threat engaged in cyberespionage reportedly on behalf of the People's Republic of China. Active since at least mid-2021, the group is known to primarily target United States manufacturing, utility, transportation, construction, maritime, defense, information technology, and education sectors. Volt Typhoon focuses on espionage, data theft, and credential access.[1]

According to Microsoft, the group goes to great lengths to avoid detection, and its campaigns prioritize capabilities which enable China to sabotage critical communications infrastructure between the US and Asia during potential future crises.[1] The US government believes the group's goal is to slow down any potential US military mobilization that may come following a Chinese invasion of Taiwan.[2] The Chinese government denies the group exists.[3][4]

  1. ^ a b "Volt Typhoon targets US critical infrastructure with living-off-the-land techniques". Microsoft. 2023-05-24. Archived from the original on 2024-01-17. Retrieved 2024-10-09.
  2. ^ Antoniuk, Daryna (2024-08-27). "China's Volt Typhoon reportedly targets US internet providers using Versa zero-day". Recorded Future. Archived from the original on 2024-09-17. Retrieved 2024-10-09.
  3. ^ Cite error: The named reference :2 was invoked but never defined (see the help page).
  4. ^ Martin, Alexander (July 11, 2024). "Chinese cyber agency accused of 'false and baseless' claims about US interfering in Volt Typhoon research". therecord.media. Recorded Future. Archived from the original on 2024-10-09. Retrieved 2024-10-29.