This Joint Fact Sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as Volt Typhoon. The Cybersecurity and Infrastructure Security Agency (CISA)—along with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners—released a major advisory on February 7, in which the US authoring agencies warned cybersecurity defenders that Volt Typhoon has been pre-positioning themselves on US critical infrastructure organizations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies. This is a critical business risk for every organization in the United States and allied countries.

The advisory provides detailed information related to the groups’ activity and describes how the group has successfully compromised US organizations, especially in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors. The authoring organizations urge critical infrastructure owners and operators to review the advisory for defensive actions against this threat and its potential impacts to
national security.

CISA and its partners are releasing this Joint Fact Sheet to provide leaders of critical infrastructure entities with guidance to help prioritize the protection of critical infrastructure and functions. The authoring agencies urge leaders to recognize cyber risk as a core business risk. This recognition is both necessary for good governance and fundamental to national security.

CISA and its partners strongly urge critical infrastructure organizations leaders to read the guidance provided in the Joint Fact Sheet to defend against this threat. For more information on Volt Typhoon related activity, see PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and Mitigating Living off the Land Techniques. To learn more about secure by design principles and practices, visit Secure by Design.

This Joint Fact Sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as Volt Typhoon. The Cybersecurity and Infrastructure Security Agency (CISA)—along with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners—released a major advisory on February 7, in which the US authoring agencies warned cybersecurity defenders that Volt Typhoon has been pre-positioning themselves on US critical infrastructure organizations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies. This is a critical business risk for every organization in the United States and allied countries.

The advisory provides detailed information related to the groups’ activity and describes how the group has successfully compromised US organizations, especially in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors. The authoring organizations urge critical infrastructure owners and operators to review the advisory for defensive actions against this threat and its potential impacts to
national security.

CISA and its partners are releasing this Joint Fact Sheet to provide leaders of critical infrastructure entities with guidance to help prioritize the protection of critical infrastructure and functions. The authoring agencies urge leaders to recognize cyber risk as a core business risk. This recognition is both necessary for good governance and fundamental to national security.

CISA and its partners strongly urge critical infrastructure organizations leaders to read the guidance provided in the Joint Fact Sheet to defend against this threat. For more information on Volt Typhoon related activity, see PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and Mitigating Living off the Land Techniques. To learn more about secure by design principles and practices, visit Secure by Design.