
Explainer video: what is Volt Typhoon

In the ever-evolving landscape of cybersecurity threats, one name has emerged as a harbinger of potential chaos: Volt Typhoon. This sophisticated cyber operation, backed by the Chinese state, has been silently infiltrating critical infrastructure in Western countries, particularly the United States. Recent revelations of its existence and activities have sent shockwaves through global security circles, prompting urgent calls for action and cooperation.

Volt Typhoon, known by various aliases including Vanguard Panda, Bronze Silhouette, and Dev-0391, operates as part of a broader Chinese cyber campaign to compromise thousands of internet-connected devices. Its targets range from naval ports to internet providers, communications services, and utilities. Western intelligence officials have identified Volt Typhoon’s modus operandi: exploiting vulnerabilities in outdated technology such as routers, firewalls, and virtual private networks (VPNs), often using stolen credentials and passwords.

What is Volt Typhoon?

What sets Volt Typhoon apart from traditional cyber threats is its strategic focus on “pre-positioning” for future acts of sabotage rather than immediate data theft. It has maintained access to compromised devices for years, waiting for the opportune moment to unleash its destructive potential. This long-term approach has led FBI Director Christopher Wray to label Volt Typhoon “the defining threat of our generation.”

Volt Typhoon’s activities extend beyond the borders of the United States. While its primary targets have been US infrastructure, intelligence reports suggest that allied nations, including Canada, Australia, New Zealand, and the UK, may also have been affected. This global reach underscores the urgency of coordinated international efforts to combat cyber threats.

Despite mounting evidence linking Volt Typhoon to state sponsorship, Beijing has consistently denied involvement in cyber-attacks. However, analysts argue that Volt Typhoon’s objectives and tactics align closely with China’s strategic interests. As tensions between the US and China escalate, the role of cyber operations as a tool of geopolitical leverage becomes increasingly apparent.

The discovery of Volt Typhoon has sparked a flurry of activity within both government and private sectors. The US government has initiated collaborations with technology industry leaders to track and mitigate the threat posed by Volt Typhoon. However, the battle against cyber threats requires more than just reactive measures; it demands proactive strategies to fortify digital defences and enhance resilience against future attacks.

What’s next?

In response to the dismantling of a bot network linked to this sophisticated cyber operation, the Cybersecurity and Infrastructure Security Agency (CISA) issued directives for affected organizations to disconnect compromised devices and initiate remediation efforts. This proactive approach reflects the gravity of the situation and the imperative for swift and decisive action.

Looking ahead, the threat posed by Volt Typhoon serves as a wake-up call for nations and organizations worldwide. As cyber warfare evolves into a prominent battleground of the 21st century, collaboration, vigilance, and innovation will be essential in safeguarding critical infrastructure and preserving global security.

In the face of Volt Typhoon and similar cyber threats, the imperative is clear: united we stand, divided we fall. It is only through collective action and unwavering determination that we can weather the storm of cyber warfare and emerge stronger on the other side.

George Mavridis is a journalist currently conducting his doctoral research at the Department of Journalism and Mass Media at Aristotle University of Thessaloniki (AUTH). He holds a degree from the same department, as well as a Master’s degree in Media and Communication Studies from Malmö University, Sweden, and a second Master’s degree in Digital Humanities from Linnaeus University, Sweden. In 2024, he completed his third Master’s degree in Information and Communication Technologies: Law and Policy at AUTH. Since 2010, he has been professionally involved in journalism and communication, and in recent years, he has also turned to book writing.