Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Chinese officials made the admission last year during a closed-door meeting at a Geneva summit in late 2024.
China has admitted for the first time that hackers with the People’s Republic of China (PRC) backing are behind cyber activity attributed by cyber security researchers to a threat actor known as Volt Typhoon.
Volt Typhoon has been responsible for intrusions into vital critical infrastructure both in the continental United States and its possessions through the Pacific.
The group has made transport hubs and water utilities a particular target, with the hackers so far not causing any disruption but rather prepositioning themselves ahead of any hostile action.
The admission of Chinese responsibility came during a secret meeting between outgoing Biden administration officials and Chinese representatives on the sidelines of a summit in Geneva in December 2024. According to two anonymous observers, The Wall Street Journal (WSJ) reported late last week that the Chinese attendants referred indirectly to the activity as being a warning for the US to stay away from any attempts to support or defend Taiwan.
According to the WSJ, the comments were “indirect and somewhat ambiguous”; however, US officials present felt the meaning was plain.
Speaking to Cyber Daily’s sister brand, Defence Connect, earlier this year, Adam Meyers, SVP of counter-adversary operations at CrowdStrike, said that Volt Typhoon’s activity was clearly aimed at disrupting any US action in the region.
“With Vanguard Panda, also known as Volt Typhoon, we have seen them tied to … attacks designed to disrupt logistical networks,” Meyers said.
“China seeks the ability to disrupt intervention from a carrier strike group in the INDOPACOM theatre in a conflict over Taiwan, without a shot being fired, with prepositioned attacks.”
Any direct US support for Taiwan in the case of a Chinese invasion would be reliant on a long supply chain and prepositioned supplies and infrastructure. However, by disrupting port operations, refuelling and resupply operations could be at risk.
Responding to inquiries by the WSJ, a US State Department spokesperson refused to comment on the alleged meeting but did say that it saw Volt Typhoon activity as “some of the gravest and most persistent threats to US national security”.
The Chinese embassy in Washington was similarly tight-lipped about the meeting but did accuse the US of “using cyber security to smear and slander China”.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
