Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months (therecord.media/volt-typh…)
Dragos found evidence of lateral movement by the hackers and of data exfiltration, but an investigation revealed that the “compromised information did not include any customer-sensitive data, and the utility was able to change their network architecture to remove any advantages for the adversary.”
“The significance of the discovery of this attack is that it highlights that the adversary not only aimed to maintain persistent access to the victim’s environment for a long tenure, but also were aiming to exfiltrate specific data related to OT operating procedures and spatial layout data relating to energy grid operations,” a Dragos expert said.
That kind of information is pivotal for adversaries looking to know where to attack if their goal is destruction, they explained.