China-linked crew embedded in US energy networks

"In its yearly cybersecurity report, Dragos said state-sponsored crews haven't let up on their attempts to compromise America's critical infrastructure, with three new OT-focused threat groups joining the fray. This brings the total number worldwide to 26, and of these, 11 were active in 2025. Additionally, an existing group that Dragos tracks as Voltzite and is "highly correlated" with Volt Typhoon, according to Dragos CEO Robert M. Lee, kept up its intrusion activities last year."
"In 2025, Voltzite continued embedding its malware inside strategic American utilities "to maintain long-term persistence," Lee said. "They [Voltzite] weren't just getting in and getting access - they were getting inside the control loop" system that manages utilities' industrial processes, Lee said in a briefing with reporters, adding that the PRC-backed crew's primary focus is causing future disruption. Voltzite was embedded in that infrastructure for the purpose of taking it down."
Three new OT-focused threat groups targeted critical infrastructure in 2025, bringing the global total to 26 groups, 11 of which were active that year. A Beijing-backed crew linked to Volt Typhoon, tracked as Voltzite, continued compromising cellular gateways and routers and infiltrated US electric, oil, and gas companies. Voltzite embedded malware inside strategic American utilities to maintain long-term persistence and accessed control loop systems that manage industrial processes. The group's activities prioritized enabling future disruption rather than intellectual property theft. Energy, water, manufacturing, and transportation sectors remain primary targets of state-linked cyber operatives.
Read at The Register