Politics
Feb. 24: US Govt. Confirms China Compromised US Infrastructure via Cyber Attacks Including Transportation …March 24: Major US Bridge Collapses After Runaway Cargo Ship Takes Out Bridge Support
Early Tuesday morning the Singaporean-Flagged Cargo Ship crashed into the supports and took down the Francis Scott Key Bridge in Baltimore, Maryland.
The M/V Dali can be seen suffering a Total Loss of Power at least Twice before the Crash.
But there’s more to the story.
DC Draino reported on a CISA Conference in February 2024 (just last month) where the US government confirmed that China compromised US infrastructure via cyber attacks – including transportation.
DC Draino: Feb 2024: The US Gov’t confirmed China compromised US-Infrastructure via cyber attacks…to include *TRANSPORTATION*
CISA and its U.S. Government partners have confirmed that this group of PRC state-sponsored cyber actors has compromised entities across multiple critical infrastructure sectors in cyberspace, including communications, energy, *TRANSPORTATION*, and water and wastewater, in the United States and its territories.
The data and information CISA and its U.S. Government partners have gathered strongly suggest the PRC is positioning itself to launch destructive cyber-attacks that would jeopardize the physical safety of Americans and impede military readiness in the event of a major crisis or conflict with the United States.
Great dig by @its_gabbygabs
Feb 2024: The US Gov’t confirmed China compromised US-Infrastructure via cyber attacks…to include *TRANSPORTATION*
CISA and its U.S. Government partners have confirmed that this group of PRC state-sponsored cyber actors has compromised entities across multiple critical… https://t.co/Flya4EBn2G pic.twitter.com/CM2UMu0npu
— DC_Draino (@DC_Draino) March 27, 2024
The report was published on February 7, 2024.
Advisory provides details on the PRC’s efforts to conceal its hacking activity, discovery and mitigation guidance to potential victims, and encourage reporting of any suspected incident
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI), along with key U.S. and international government agencies published a Joint Cybersecurity Advisory today on malicious activity by a People’s Republic of China (PRC) state-sponsored cyber actor, known as Volt Typhoon, to compromise critical infrastructure and associated actions that should be urgently undertaken by all organizations.
CISA and its U.S. Government partners have confirmed that this group of PRC state-sponsored cyber actors has compromised entities across multiple critical infrastructure sectors in cyberspace, including communications, energy, transportation, and water and wastewater, in the United States and its territories. The data and information CISA and its U.S. Government partners have gathered strongly suggest the PRC is positioning itself to launch destructive cyber-attacks that would jeopardize the physical safety of Americans and impede military readiness in the event of a major crisis or conflict with the United States.
In addition to the joint Cybersecurity Advisory, CISA and our partners also released complementary Joint Guidance to help all organizations effectively hunt for and detect the sophisticated types of techniques used by actors such as Volt Typhoon, known as “living off the land.” In recent years, the U.S. has seen a strategic shift in PRC cyber threat activity from a focus on espionage to pre-positioning for possible disruptive cyber-attacks against U.S. critical infrastructure. By using “living off the land” techniques, PRC cyber actors blend in with normal system and network activities, avoid identification by network defenses, and limit the amount of activity that is captured in common logging configurations.
Detecting and mitigating “living off the land” malicious cyber activity requires a multi-faceted and comprehensive approach to discern legitimate behavior from malicious behavior and conduct behavior analytics, anomaly detection, and proactive hunting. This advisory and complementary guidance provide organizations with details on how Volt Typhoon cyber threat actors use “living off the land” techniques to abuse legitimate, native tools and processes on systems, and identifies specific details on the actors’ tactics, techniques, and procedures (TTPs) using certain adversarial behavior patterns.
“The PRC cyber threat is not theoretical: leveraging information from our government and industry partners, CISA teams have found and eradicated Volt Typhoon intrusions into critical infrastructure across multiple sectors. And what we’ve found to date is likely the tip of the iceberg,” said CISA Director Jen Easterly. “Today’s joint advisory and guide are the result of effective, persistent operational collaboration with our industry, federal, and international partners and reflect our continued commitment to providing timely, actionable guidance to all of our stakeholders. We are at a critical juncture for our national security. We strongly encourage all critical infrastructure organizations to review and implement the actions in these advisories and report any suspected Volt Typhoon or living off the land activity to CISA or FBI.”
Today’s joint advisory is based primarily on technical insights gleaned from CISA and industry response activities at victim organizations within the United States, primarily in communications, energy, transportation, and water and wastewater sectors. Our complementary joint guide is derived from those insights as well as previously published products, red team assessments, and industry partners.
The new advisory and guide have been jointly issued by CISA, National Security Agency (NSA), Federal Bureau of Investigation (FBI), Department of Energy (DOE), Environmental Protection Agency (EPA), Transportation Security Administration (TSA), Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), a part of the Communications Security Establishment (CSE), United Kingdom National Cyber Security Centre (NCSC-UK), and New Zealand National Cyber Security Centre (NCSC-NZ).
For more information, visit People’s Republic of China Cyber Threat.
This national cyber security warning was sent out just last month!
And yet these same government officials believe the Francis Scott Key Bridge incident was not an attack?
Seems a bit questionable.
Read the full article here