The Department of Homeland Security has issued a Critical Infrastructure Emergency Directive after discovering that Volt Typhoon, a Chinese state-sponsored hacking group, successfully penetrated operational technology systems at 23 American electric utilities across 14 states. The intrusions, some dating back 18 months, were designed for pre-positioning rather than immediate disruption, giving China the ability to trigger power outages on demand.
The affected utilities collectively serve approximately 40 million American households. None of the intrusions resulted in actual outages, but DHS Director Alejandro Mayorkas called the penetrations "the most serious threat to US critical infrastructure that we have publicly disclosed."
The Emergency Directive requires all US electric utilities to immediately audit their operational technology networks for signs of compromise, implement mandatory multi-factor authentication on all remote access systems, and segment their IT and OT networks within 90 days.
Congress is demanding answers. Senate Armed Services Committee Chairman Jack Reed has called for a classified briefing on the extent of Chinese penetration of US critical infrastructure and is drafting legislation to fund a $4 billion grid security upgrade program.