Microsoft and CISA disclosed that Volt Typhoon — a Chinese state-sponsored hacking group — had infiltrated critical infrastructure networks across the United States, including electrical utilities, water systems, communications networks, and transportation systems. The intrusions were assessed as pre-positioning for potential disruptive cyberattacks in the event of a US-China military conflict, particularly regarding Taiwan. Unlike typical espionage, Volt Typhoon focused on maintaining persistent, undetected access to OT (operational technology) systems that control physical infrastructure. By early 2026, Dragos reported that Volt Typhoon remained active and deeply embedded in US infrastructure, with some compromised systems that investigators believe will "never be found."
// Source
CISA / Microsoft / NSA
// Incident Details
| Incident Date | 20230524 |
| County | Multiple Counties |
| State | Alabama |
| Severity | Critical |
| Published | May 24, 2023 |
| Source | CISA / Microsoft / NSA |