The U.S. government and international partners have warned of the cybersecurity dangers from the Chinese hacking group Volt Typhoon.

Volt Typhoon has penetrated U.S. critical infrastructure networks, sometimes maintaining access for years.

The group's focus on Operational Technology (OT) assets heightens risks during periods of heightened geopolitical or military tension.

Leaders are advised to improve logging, strengthen cybersecurity teams, and develop comprehensive cyber incident response plans.

Since mid-2021, Volt Typhoon has leveraged a botnet, termed KV-botnet, to avoid detection while targeting U.S. infrastructure.

The FBI has intervened to disrupt the KV-botnet and urges SOHO router manufacturers to increase security.

A coordinated international response highlights the severity of the threat and the necessity for infrastructure owners to be proactive in defense.