Industrial cybersecurity was analyzed in a recent report by Dragos Inc. The report identified three new OT Threat Groups—VOLTZITE, GANANITE and LAURIONITE. With these additions, analysts now track 21 Threat Groups worldwide that have been observed as being engaged in OT operations in 2023.
VOLTZITE targets electric power generation, transmission and distribution and has been observed targeting research, technology, defense industrial bases, satellite services, telecommunications and educational organizations. The group overlaps with Volt Typhoon, a group that the U.S. government has publicly linked to the People’s Republic of China. The group’s threat activities include living off the land (LOTL) techniques, prolonged surveillance, and data gathering aligned with Volt Typhoon’s assessed objectives of reconnaissance and gaining geopolitical advantage in the Asia-Pacific region. They have traditionally targeted U.S.-based facilities, but also have been seen targeting organizations in Africa and Southeast Asia.