Ex-CISA chief: Stop calling Chinese hackers silly names and start taking them seriously
Is it time to ditch monikers like Volt Typhoon to focus on the true nature of Beijing-linked threat actors working to destabilise the West?
Two former leaders of the Cybersecurity and Infrastructure Agency (CISA) have called on America's digital defenders to stop giving Chinese threat actors ever-so-slightly ridiculous names like "Insidious Taurus".
Jen Easterly, who stepped down as CISA director when President Trump took office, said that "marketing labels" obscure the nature of the threat and "only serve to glamorise pernicious cyber actors".
Insidious Taurus is one of the names for a notorious state-sponsored hacking group called “Volt Typhoon” or “Vanguard Panda”. It has targeted US critical infrastructure, aiming to disrupt or disable essential systems.
Other groups are called “Mustang Panda”, or “Twill Typhoon" to its friends, and Salt Typhoon, an advanced persistent threat (APT) believed to be run by China's Ministry of State, which is also known as Ghost Emperor or FamousSparrow.
In a LinkedIn post, Easterly urged the security community to "‼️CALL THEM BY THEIR NAME‼️".
She wrote: "Let’s be crystal clear: the Chinese Communist Party is systematically targeting the critical infrastructure networks that sustain our national security, our economy, and our way of life."
"We must speak with clarity about the provocations of the Chinese military and ensure public support for a strategy that combines deterrence by denial with deterrence by punishment, a strategy that makes it crystal clear that we have the capability and the resolve to aggressively defend our critical infrastructure at home, to hold our adversaries’ critical infrastructure at risk, and, if necessary, to impose costs on them."
Brandon Wales, former CISA executive director of CISA, shared a similar sentiment at a recent hearing of the House Homeland Committee.
The gravity of this moment - the continually compounding risk posed by an exploding set of cyber threat actors, highlighted by the preparation for war by the Chinese Communist Party - requires serious, straightforward conversation among policymakers, elected officials, business leaders, and the American public," he said.
"We must call our adversaries’ activities what they are—preparation for war. Accordingly, we must call them by their names, plainly, and without fanciful marketing terms that only benefit cybersecurity vendor marketing teams and the adversary themselves, by mythologising and obfuscating. Foreign government hackers positioned to take hospitals offline and turn off the water supply don’t deserve flashy codenames, they deserve disdain and confrontation.”
Have you got a story or insights to share? Get in touch and let us know.
