Dragos Intelligence has been tracking activity by the VOLTZITE Threat Group, which overlaps with Volt Typhoon, since early 2023. Last week, the Cybersecurity & Infrastructure Security Agency (CISA) released a report detailing some of the techniques, tools, and infrastructure used by VOLTZITE over the course of the previous year. The week prior, the FBI announced that it had terminated VOLTZITE’s control of some of its infrastructure, shutting down a botnet of compromised network devices. These unprecedented steps point to the seriousness of this threat – it demands action.
This Intelligence Brief shares information Dragos Intelligence has collected on these espionage operations targeting of U.S. critical infrastructure, with clear guidance for OT asset owners and operators on how to defend against stealthy operators like VOLTZITE.
Download the Intel Brief.
