CISA—along with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other U.S. government and international partners—released a major advisory on Feb. 7, 2024 warning cybersecurity defenders of the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.”
In this warning about critical business risk for every organization in the U.S. and allied countries, the authors asserted that Volt Typhoon has been pre-positioning themselves on U.S. critical infrastructure organizations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies.
As the threat continues to grow, CISA and partners released a supporting fact sheet on March 19, 2024 to give leaders of critical infrastructure entities guidance on prioritizing the protection of critical infrastructure and functions. The fact sheet urges leaders to recognize cyber risk as a core business risk, a recognition it deems both necessary for good governance and fundamental to national security.
In summary, the fact sheet emphasizes the importance of using intelligence-informed prioritization tools, effectively applying detection and hardening best practices, investing in cybersecurity training and skill development, and developing comprehensive security plans that include activities like conducting regular tabletop exercises.
Additionally, the fact sheet details suggestions for securing an organization’s supply chain, which includes increased vendor risk management and greater attention to selecting vendors who deliver secure and resilient systems that include design practices with an eye toward security.
Vendor scrutiny is only one aspect of driving a cybersecurity culture within organizations. The fact sheet provides the following bullet points for creating such a culture:
- “Encouraging collaboration between IT, OT, cloud, cybersecurity, supply chain, and business units to align security measures with business objectives and risk management strategies.
- Championing organizational cybersecurity risk assessments and audits to identify vulnerabilities and gaps in the security posture.
- Engaging with external cybersecurity experts and advisors for independent assessments and guidance tailored to your organization and performing GAP analysis on findings.
- Increasing awareness of social engineering tactics and facilitating a culture which encourages incident reporting.”
The fact sheet concludes with tips for Incident Response and additional information and resources.
Virtual Guardian highly recommends your organization review the “PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders” fact sheet in its entirety at cisa.gov: