In Communications of the ACM, Fortra’s Bob Erdman discusses how nation-state actors, such as China’s Volt Typhoon, target U.S. critical infrastructure by exploiting unpatched vulnerabilities and stolen credentials. The article emphasizes the importance of regular patching, updating security devices, and strengthening defenses to combat these sophisticated cyber threats.
Originally published in Communications of the ACM.
Excerpt: “This infrastructure often includes end-of-life networking gear that vendors no longer support or patch. Volt Typhoon does not typically use malware or ransomware but practices LOTL attacks, using otherwise benign tools already available on the target system.”
