Silicon Valley firm Versa’s network software suspected of being exploited by Volt Typhoon hackers

In a recent interview, we delved into the cybersecurity incident involving Versa Networks, a prominent startup headquartered in Santa Clara, California. Reports indicate that hackers have compromised the company’s software, granting unauthorized access to multiple organizations and critical institutions. Lumen Technologies’ cybersecurity division suggests that this breach is likely connected to a Chinese government-backed hacking group known as “Volt Typhoon.”

According to Bloomberg, the Volt Typhoon hackers took advantage of a vulnerability in Versa’s software, which facilitated their infiltration of internet companies in both the United States and India. Versa, recognized as a key provider of networking software, has garnered substantial investments from major venture capital firms like BlackRock and Sequoia Capital.

The breach took place several months ago, prompting an investigation by Lumen’s Black Lotus Labs at the request of Versa. On July 27, Black Lotus Labs released their findings, confirming that the intrusion stemmed from Volt Typhoon’s activities. They also noted that these hacking efforts could still be ongoing, despite the vulnerability in Versa’s software being patched. This revelation has raised alarms among U.S. government officials and businesses about the potential risks and vulnerabilities related to cyberattacks on critical infrastructure.

Earlier this year, the U.S. government accused Volt Typhoon of targeting essential services, including water resources, power grids, and communication networks. Some officials believe these hacks aim to sabotage these services in the event of a crisis between the U.S. and China, potentially affecting America’s response capabilities in situations like a possible invasion of Taiwan.

In June, Lumen Technologies updated Versa on their investigation findings, leading the company to create an “emergency patch,” which was sent to customers by the end of that month. Versa highlighted that one of their clients affected by the breach did not adhere to earlier security guidelines, which included crucial network configuration instructions.

Dan Maier, Versa’s Chief Marketing Officer, emphasized that the company’s 2015 guidelines recommended customers disable a “specific port” to secure internet access. Unfortunately, it seems that some clients overlooked this advice. With the recent upgrades to their system, Maier offered reassurance that even if clients do not follow the recommended protocols, they will no longer face the same level of risk.