- Intrusions have been detected in Guam’s electrical infrastructure.
- The moves have all the hallmarks of a Volt Typhoon campaign.
- However, not everyone on Guam is convinced of the threat.
New reports have claimed that the notorious Chinese hacking group Volt Typhoon is targeting the critical infrastructure of the small island nation of Guam, seeking to disrupt and sabotage services in the region.
Bloomberg’s findings say that the hackers are allegedly targeting the GPA (Guam Power Authority) in particular to wreak havoc.
Guam is a small island with a population of less than 200,000, but it is also home to a large US military base. The base occupies just over a third of the island and provides a strategically significant foothold in the region, with geographical proximity to China undoubtedly a factor in its operations and vulnerability.
Everything, everywhere, everything at once
The report uncovered an incredibly discrete infiltration, to the point that detection was only through small anomalies such as irregular login patterns, with Volt Typhoon being the prime suspect.
The GPA is the island’s only electric company, but the US Navy is its largest customer, as it will consume 20% of the power it generated in 2023.
The island’s critical infrastructure is primarily managed by private companies, so investigating and addressing intrusions is not always straightforward.
Not everyone on the island is convinced of the threat either, and the technical director of some 40 Guam government agencies, Frank Lujan, denied seeing any evidence of compromise, calling it the “Typhoon Volt illusion.”
In early 2024, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), told Congress that Chinese hackers are evolving their attacks on American infrastructure to enable “destructive attacks” against American citizens in the event of an important conflict.
This is “not theoretical,” Easterly says, and Chinese threat actors like Volt Typhoon are developing the ability to cut telecommunications, disrupt pipelines, contaminate water facilities, and paralyze transportation, all to incite “social chaos.” and endanger American lives. The goal of these attacks would be to end “everything, everywhere, at once.”
China has always vehemently denied these claims, calling them baseless and even going so far as to accuse Volt Typhoon of being a CIA asset.
This is not the first Volt Typhoon campaign discovered recently, with reports from early 2024 confirming that the group had compromised US critical infrastructure networks and maintained access for at least five years, in a massive campaign. of cyberespionage.
