Critical Infrastructure Security, Threat Intelligence, Breach, OT Security

US electric utility subjected to almost year-long Volt Typhoon compromise

High voltage electricity tower sky sunset landscape,industrial background.

(Adobe Stock)

SecurityWeek reports that Massachusetts-based power utility Littleton Electric Light and Water Departments has been compromised by the Chinese state-sponsored threat operation Volt Typhoon for over 300 days in 2023.

Investigation into the breach, which was identified before Thanksgiving of that year, revealed that LELWD has been infiltrated by Volt Typhoon since February, reported Dragos researchers.

"The significance of the discovery of this attack is that it highlights that the adversary not only aimed to maintain persistent access to the victim's environment for a long tenure, but also were aiming to exfiltrate specific data related to [operational technology] operating procedures and spatial layout data relating to energy grid operations," said Dragos, which also noted that information obtained from the intrusion could facilitate more significant attacks.

Such findings come a year after Volt Typhoon, also known as Voltzite, was initially observed by Dragos to have been targeting data from organizations' OT systems.

Related

Suspected Chinese-linked hackers set sights on Taiwan

After achieving initial access by targeting vulnerable internet-exposed web and application servers, UAT-5918 utilized tools previously associated with Volt Typhoon and Flax Typhoon to facilitate lateral movement, credential and data theft, and further compromise.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Attack VectorCovert ChannelsDNS SpoofingDarknetDeauthentication AttackDictionary AttackGoogle HackingHybrid AttackInformation WarfareMorris Worm

You can skip this ad in 5 seconds