Security Hot Takes: Critical Infrastructure Advisory
This briefing walks through a joint cybersecurity advisory addressing Volt Typhoon, a People's Republic of China (PRC) state-sponsored threat actor, and what the findings mean for asset o...
To understand why this advisory triggered such a strong diplomatic and technical response, consider the kind of scenario security teams are now forced to plan for: a sustained cyber campaign against energy, water, and transportation infrastructure is discovered, prompting a foreign ambassador to be summoned for an emergency meeting. In this hypothetical, a fire breaks out at an oil refinery following a coordinated cyberattack, while major metropolitan areas are left without electricity and water service. This is not a description of a confirmed real-world event — it is an illustrative worst-case scenario used to frame the stakes of the advisory discussed below. It captures exactly why the prepositioning activity described in this advisory is treated as a national-security-level concern rather than a routine espionage disclosure: the threat actor's foothold is not about stealing data, it is about maintaining the option to disrupt physical infrastructure at a time of the attacker's choosing.
The advisory documents Volt Typhoon's tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK framework, and while the group tailors its approach to each victim environment, it consis...
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
3 sections- 1 Table of Contents
- 2 Module 1: The Volt Typhoon Critical Infrastructure Advisory
- 3 Summary
More Security Hot Takes & Threat Intel courses
View all 21Hot Takes: Inside a Microsoft Ransomware Attack
The Marks & Spencer incident is a textbook example of how modern ransomware operations succeed by targeting identity infrastructure and virtualization hosts rather than individual endpoin...
IT Security Champion: Cyber Threat Intel and Emerging Threats
Security is everyone's job — not solely the responsibility of the security department. Adopting a security culture and a security mindset is the foundation of being an effective IT securi...
Security Hot Takes: The LastPass Breach
The LastPass breach is actually two distinct but connected security incidents, separated by several months, with confusing and inconsistent public communication from the company throughou...
Sandworm: Application Layer Protocol and Web Emulation
Command and control is the connective tissue of nearly every intrusion that progresses beyond initial access — without it, an attacker cannot issue commands, move laterally, or exfiltrate...
Security Hot Takes: SBOMs
security · hot · takes · sboms · threat · intel · networking · systems · sbom · bills · materials · concept · debate · mandate · software.
Security Hot Takes: The Aliquippa Water Breach
The Aliquippa Water Authority breach is a case study in how a basic, avoidable systems-integration failure — not a sophisticated exploit — can expose critical infrastructure to compromise...
Interested in this course?
Contact us to book it or get a custom training plan for your team.