20 March 2024
In February 2024, the NCSC joined international partners in publishing a cyber security advisory about the activities of a state-sponsored actor linked to the People’s Republic of China (PRC), known as Volt Typhoon.
The advisory outlined observed behaviours and provided guidance to help network defenders mitigate the threat.
Today, the NCSC and ten international partners are publishing an additional fact sheet focused on Volt Typhoon, specifically for the owners and operators of critical national infrastructure. The new publication helps organisations better secure their systems and services against this activity.
The fact sheet provides executive leaders with an overview of the urgent risk posed by Volt Typhoon. Previous advisories released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned cyber security defenders about Volt Typhoon’s activity on the networks of U.S. critical infrastructure organisations. Volt Typhoon has been pre-positioning itself to enable disruption or destruction of critical services in the event of increased geopolitical tension or military conflict involving the United States and its allies. This represents a critical business risk for every organisation in the United States and allied countries.
The NCSC and other authoring agencies are releasing this fact sheet to help leaders of critical infrastructure entities prioritise protecting their systems and functions. The agencies urge leaders to recognise cyber risk as a core business risk — necessary for good governance and fundamental to national security.
PRC State-Sponsored Cyber Activity Actions for Critical Infrastructure Leaders [PDF, 561 KB]