The U.S. government has discovered a Chinese hacking operation targeting critical infrastructure in Guam. The campaign, known as Volt Typhoon, aims to disrupt military and civilian operations by infiltrating systems to prepare for potential sabotage. Guam is a key U.S. military outpost in the Pacific.
It is strategically vital for U.S. Navy operations. The hacking campaign creates vulnerabilities in Guam’s essential services, such as water systems, power grids, and communication networks. Volt Typhoon is notable for its covert approach.
It mimics legitimate users to avoid detection. However, it was ultimately discovered due to irregular login patterns identified by the Guam Power Authority (GPA). GPA supplies about 20% of its energy to the U.S. Navy.
Hackers under the Volt Typhoon banner have been active since at least 2021.
One of the first detections of the group's activity was traced back to an investigation into a cyberattack on a Houston port.
Multiple intrusions were later revealed, including into federal networks previously believed secure. Federal agencies, including the FBI, NSA, and Coast Guard, have responded by deploying teams to Guam. They have installed monitoring systems across various critical infrastructures.
However, the decentralized nature of Guam’s infrastructure complicates coordinated defense efforts. Local resistance and mistrust have also delayed comprehensive security measures. For instance, GPA declined network monitoring offers from Google-owned Mandiant.
GPA cited concerns about external oversight. Rival telecom companies in Guam also resisted collaboration during a 2024 congressional visit. The discovery of this hacking campaign underscores the critical need for coordinated cybersecurity measures.
These measures are needed to protect essential infrastructure against increasingly sophisticated cyber threats.