2024-08-07 –, Copa
Multiple US agencies (and Canada too) have confirmed that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations—primarily in Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors—in the continental and non-continental United States and its territories, including Guam. Volt Typhoon’s choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the U.S. authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions. The U.S. authoring agencies are concerned about the potential for these actors to use their network access for disruptive effects in the event of potential geopolitical tensions and/or military conflicts. What are the implications of these pre-positioning attacks, and how should critical infrastructures and members of the general public respond to these types of threats.
Multiple US agencies have confirmed that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations—primarily in Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors—in the continental and non-continental United States and its territories, including Guam. Volt Typhoon’s choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the U.S. authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions. The U.S. authoring agencies are concerned about the potential for these actors to use their network access for disruptive effects in the event of potential geopolitical tensions and/or military conflicts. What are the implications of these pre-positioning attacks, and how should critical infrastructures and members of the general public respond to these types of threats.
Beau Woods is a leader with the I Am The Cavalry grassroots initiative, Founder/CEO of Stratigos Security, a Cyber Safety Innovation Fellow with the Atlantic Council, leads the public policy space at DEF CON, and helps run the I Am The Cavalry track at BSides Las Vegas. In addition, Beau helped found the ICS Village, Aerospace Village, Hack the Sea, and Biohacking Village: Device Lab. His work bridges the gap between the security research and public policy communities, to ensure connected technology that can impact life and safety is worthy of our trust. He formerly served as Senior Advisor with US CISA, Entrepreneur in Residence with the US FDA, and Managing Principal Consultant at Dell SecureWorks. Over the past several years, Beau has consulted with the energy, healthcare, automotive, aviation, rail, and IoT industries, as well as cyber security researchers, US and international policy makers, and the White House. Beau is a published author, public speaker, media contributor.
Karl's security journey began with early Bulletin Board (BBS) payment systems and continued through to the modern internet age with the creation of Canada's first high-speed mobile network using licensed PCS spectrum. These efforts sparked Karl’s interest in telecommunications, internet engineering and cybersecurity solutions more broadly, which formed the foundation for Karl’s nearly three decade career building security systems and critical infrastructure.
Karl Holmqvist is the CEO of Lastwall, a trusted Identity Platform company used by the U.S. Department of Defense and a growing number of civilian Government agencies and critical infrastructure entities. Karl is an outspoken advocate for quantum resilient systems to mitigate threats posed by the advent of a Quantum computer.