US is still chasing down pieces of Chinese hacking operation, NSA official says – The Record from Recorded Future News
FORT MEADE, MARYLAND The U.S. government has yet to learn the full extent of a massive Chinese espionage campaign that targeted American critical infrastructure, according to a senior National Security Agency official.
Federal agencies are not done with efforts to uncover or eradicate the threats created by the Chinese hacking group known as Volt Typhoon, said Rob Joyce, the outgoing director of the NSAs Cybersecurity Directorate, during a roundtable with reporters on Friday.
Investigators are still finding victims and making sure to clear out intrusions tied to the sweeping operation, which Western nations first disclosed nearly a year ago, he said.
Joyce also acknowledged for the first time that the government used artificial intelligence to discover some of the breaches made during the campaign, noting that Volt Typhoon activity was difficult to initially identify because the group steals or generates legitimate credentials and doesnt bring additional malware into a system.
Conversely, Joyce said he has seen no examples of them using AI to date. Instead, the prolific, state-sponsored outfit relies on bulk vulnerability scans to sniff out and exploit known weaknesses.
Joyce declined to comment on just how much of the operation the federal government has unearthed to date.
The new insights come a few weeks after some of the countrys top cybersecurity leaders issued stark warnings about the ability of Volt Typhoon and other Chinese hackers to compromise U.S. networks should a conflict with Beijing arise.
"Unfortunately, the technology underpinning our critical infrastructure is inherently insecure because of decades of software developers not being held liable for defective technology," Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA) told the House Select Committee on China.
"That has led to incentives where features and speed to market have been prioritized against security, leaving our nation vulnerable to cyber invasion, she said during the January 31 hearing.
That same day, the Justice Department announced it had disrupted an effort by Volt Typhoon to infiltrate hundreds of insecure U.S. home routers and gain access to critical infrastructure.
The U.S. and its allies revealed the groups actions last May when analysts at Microsoft found it had targeted systems ranging from U.S. telecommunication networks and transportation hubs to the military installation on the island territory of Guam.
Since then, the Biden administration has published over six digital security adversaries warning of the Volt Typhoons tactics and techniques.
From the beginning, its been a broad campaign, said Joyce, who noted targets included airlines as well as energy and pipeline organizations.
The intent really goes back to inspiring societal panic, he said.
That would, in turn, force the U.S. to turn inward and prevent the nation from being able to mobilize and support a conflict in the South Pacific, he told reporters, adding the view of the activity changed as we expanded our knowledge about it
That said, officials believe it would be a pretty high bar for Beijing to activate the groups pre-positioning in Western networks, according to Joyce.
He told reporters he hoped Chinese officials would be thoughtful following the national anger at the discovery of Beijings high-altitude balloon campaign last year.
Chinas military sorely underestimated the countrys response to that event, an anger that would only grow if state-backed hackers struck water and transportation systems, he predicted.
Joyce, who was the NSAs initial pick to be its latest No. 2, instead will retire at the end of the month.
He will be replaced by Dave Luber, who has held various posts at U.S. Cyber Command and has served as the Cybersecurity Directorates deputy chief for almost the last four years.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Martin Matishak
is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.
The rest is here:
US is still chasing down pieces of Chinese hacking operation, NSA official says - The Record from Recorded Future News
- The NSA, Mythos and the quiet emergence of AI cyber doctrine - csoonline.com - May 27th, 2026 [May 27th, 2026]
- NSA warning on AI automation protocol raises fresh testing concerns for banks - QA Financial - May 27th, 2026 [May 27th, 2026]
- Pentagon and NSA Form Joint AI Task Force to Deploy Frontier Hacking Models on Classified Networks - SOFX - May 27th, 2026 [May 27th, 2026]
- Marco Rubio meets NSA Doval, discusses defence, security and strategic tech cooperation including TRUST in - The Economic Times - May 27th, 2026 [May 27th, 2026]
- Two protesters detained under NSA to appear before advisory board in Lucknow today - The Times of India - May 27th, 2026 [May 27th, 2026]
- General Paul M. Nakasone Director National Security Agency and staff carry a wreath to the Memorial Wall. - National Security Agency (NSA) (.gov) - May 20th, 2026 [May 20th, 2026]
- NSA scandal: Court admits bank documents between Gifty Oware and ADB - Modern Ghana - May 20th, 2026 [May 20th, 2026]
- Wiretapping trial: NSA, ICPC boss acknowledge conversation cited by in El-Rufai TV Interview - Business News Nigeria - May 20th, 2026 [May 20th, 2026]
- NSA, ICPC El-Rufais Open Confession in Media Interview Witness Testifies - The Guardian Nigeria News - May 20th, 2026 [May 20th, 2026]
- NSA issues strong warning to sports bodies over governance compliance - GhanaWeb - May 20th, 2026 [May 20th, 2026]
- Witness: NSA confirmed wiretapped conversation referenced by el-Rufai was authentic - TheCable - May 20th, 2026 [May 20th, 2026]
- NSA wiretapping: El Rufai returned to DSS custody, awaits bail - Pointblank News - May 20th, 2026 [May 20th, 2026]
- Alleged Security Breach: NSA Confirmed Conversation Referenced By El-Rufai Was Authentic Witness - Channels Television - May 20th, 2026 [May 20th, 2026]
- El-Rufai: NSA, ICPC chair confirmed tapped conversation Witness - Punch Newspapers - May 20th, 2026 [May 20th, 2026]
- Imran Khan coup: 'US message to Pakistan was clear ...' says Tilak Devasher, frmr NSA board - The Economic Times - May 20th, 2026 [May 20th, 2026]
- NSA Lady Saints two wins from claiming seventh consecutive V... - The Suffolk News-Herald - May 16th, 2026 [May 16th, 2026]
- The imposition of NSA on Satyam Verma and Aakriti Chaudhary is a conspiracy to keep them in jail - Countercurrents - May 16th, 2026 [May 16th, 2026]
- 'No Sailor Lives Afloat' Initiative: NSA Naples Moves 54 Sailors from Shipboard Berthing to Shore - DVIDS - May 16th, 2026 [May 16th, 2026]
- Workers protest: Day after invoking NSA, police say 1 cr transactions found in banks accounts of one accused | Hindustan Times - Hindustan Times - May 16th, 2026 [May 16th, 2026]
- Press Club of India urges Uttar Pradesh govt. to withdraw NSA against journalist Satyam Verma - The Hindu - May 16th, 2026 [May 16th, 2026]
- Uttar Pradesh police invoke NSA against two accused held during workers protest in Noida - The Hindu - May 16th, 2026 [May 16th, 2026]
- Illegal Mining: FG Hands Over Foreign Terror Suspects To NSA - Channels Television - May 16th, 2026 [May 16th, 2026]
- Noida Violence: NSA invoked against Satyam Verma and Aakriti Choudhary over alleged role in labour protest - Organiser - May 16th, 2026 [May 16th, 2026]
- NSA invoked against two accused in Noida labour unrest case - Awaz The Voice - May 16th, 2026 [May 16th, 2026]
- NSA invoked against two in April 13 workers stir in Noida - The New Indian Express - May 16th, 2026 [May 16th, 2026]
- Homeland Security: Replace NSA Ribadu if you lack confidence in him ADC to Tinubu - Daily Post Nigeria - May 16th, 2026 [May 16th, 2026]
- NSA sweeps Cape Henry for TCIS baseball and softball titles - The Suffolk News-Herald - May 9th, 2026 [May 9th, 2026]
- News - NSA Naples Sailor Named Navy Military Fire Officer of the Year - DVIDS - May 9th, 2026 [May 9th, 2026]
- Bergen's solo homerun lifts NSA into the TCIS Final - The Suffolk News-Herald - May 9th, 2026 [May 9th, 2026]
- NSA members bring sheep farming into the classroom - Farmers Guardian - May 9th, 2026 [May 9th, 2026]
- Amritpals mother confronts Mann: His NSA over, why arent you bringing him to Punjab? - The Indian Express - May 9th, 2026 [May 9th, 2026]
- They Said They Were From NSA Ribadus Office, Seized My Husband In Abuja Hotel: Woman Cries Out Over Alleged Disappearance - Sahara Reporters - May 9th, 2026 [May 9th, 2026]
- NSA Ajit Doval, Vietnam President discuss strengthening strategic partnership - The Sentinel - of this Land, for its People - May 9th, 2026 [May 9th, 2026]
- Cyber Command, NSA chief warns foreign adversaries likely to target midterms - The Record from Recorded Future News - April 29th, 2026 [April 29th, 2026]
- CISA flags data-theft bug in NSA-built OT networking tool - theregister.com - April 29th, 2026 [April 29th, 2026]
- Decades-old pre-Stuxnet cyber sabotage tool breaks cover, NSA listed it as 'nothing to see here' fast16 targeted nuclear reactors, dam design, and... - April 29th, 2026 [April 29th, 2026]
- The NSA Just Warned Everyone to Reboot Their Routers What to Do Right Now - National Cybersecurity Alliance - April 29th, 2026 [April 29th, 2026]
- Former NSA Science Chief Warns Humanity May Be Missing Something 'Huge' About UFO Phenomena - International Business Times UK - April 29th, 2026 [April 29th, 2026]
- Court rejects bid to halt trial of former NSA Deputy CEO - Ghanaian Times - April 29th, 2026 [April 29th, 2026]
- The NSA: SLs missing link on the geopolitical stage - The Morning - April 29th, 2026 [April 29th, 2026]
- Farmers seeking new pastures urged to try NSA's Graziers List - Craven Herald - April 29th, 2026 [April 29th, 2026]
- Punjab Police takes Amritpal on 2-day remand following expiry of NSA detention - ThePrint - April 29th, 2026 [April 29th, 2026]
- Report: NSA is currently using Anthropics unreleased Mythos model - Sherwood News - April 23rd, 2026 [April 23rd, 2026]
- FBI And NSA Warnings IgnoredNo Fix For Millions Of Phones - Forbes - April 23rd, 2026 [April 23rd, 2026]
- NSA Uses AI Mythos Even Though Anthropic is Blacklisted by the Pentagon - VOI.ID - April 23rd, 2026 [April 23rd, 2026]
- NSA Running Blacklisted Anthropic AI: Warning for UK Banks - Disruption Banking - April 23rd, 2026 [April 23rd, 2026]
- Amritpal Singh Taken into Punjab Police Custody After NSA Detention Ends in Dibrugarh - The Sentinel - of this Land, for its People - April 23rd, 2026 [April 23rd, 2026]
- Cybersecurity, Claude Mythos, is Anthropic's model in the hands of the Nsa? - Il Sole 24 ORE - April 23rd, 2026 [April 23rd, 2026]
- NSA Doval Meets Top Saudi Leaders, Focus On Security And Energy - The Times of India - April 23rd, 2026 [April 23rd, 2026]
- NSA: stereotyping, ethnic profiling can weaken intelligence gathering - The Nation Newspaper - April 7th, 2026 [April 7th, 2026]
- Former NSA John Bolton says Pentagon would have told President Trump about Iran closing the Strait of Hormuz beforehand - indica News - April 5th, 2026 [April 5th, 2026]
- Trump Thought This Would Be Easier: Former NSA John Bolton Exposes US Presidents Unprepared War Strategy - Republic World - April 5th, 2026 [April 5th, 2026]
- Dog owners urged to take responsibility as NSA ramps up sheep worrying campaign - Hexham Courant - April 5th, 2026 [April 5th, 2026]
- Dog owners urged to take responsibility as NSA ramps up sheep worrying campaign - The Scottish Farmer - April 5th, 2026 [April 5th, 2026]
- 'Dhurandhar 2 sets a new benchmark, it's going to be very difficult for anyone to match up': Former deputy NSA of India | Bollywood - Hindustan Times - April 1st, 2026 [April 1st, 2026]
- Rethinking the NSA Office beyond security coordination - The Nation Newspaper - April 1st, 2026 [April 1st, 2026]
- The $15 Billion Post-Quantum Migration: NIST Standards Are Final, NSA Deadlines Are Set, and Enterprise Cybersecurity Is About to Be Rebuilt from the... - April 1st, 2026 [April 1st, 2026]
- NSA kicks off sheep worrying awareness week - Agriland.co.uk - April 1st, 2026 [April 1st, 2026]
- Regime change only way to tackle Iran threat, says former US NSA John Bolton - CNBC TV18 - March 30th, 2026 [March 30th, 2026]
- The command centre: Why Nigerias NSA must evolve beyond coordination - guardian.ng - March 30th, 2026 [March 30th, 2026]
- Former NSA chiefs worry American offensive edge in cybersecurity is slipping - CyberScoop - March 28th, 2026 [March 28th, 2026]
- NSA and ASDs ACSC Release Joint Guidance on LEO SATCOM System Risks and Mitigations - National Security Agency (.gov) - March 28th, 2026 [March 28th, 2026]
- New NSA director pushes for more intel-sharing with allies in internal meeting - Nextgov/FCW - March 28th, 2026 [March 28th, 2026]
- "Trump Is Transactional, Doesn't Think Strategically": Former US NSA - NDTV - March 28th, 2026 [March 28th, 2026]
- Former NSA John Bolton urges Trump to cut Irans oil revenue after PM Modi call - The Indian EYE - March 28th, 2026 [March 28th, 2026]
- $HAREHOLDER ALERT: The M&A Class Action Firm Is Investigating The MergerULY, NSA, CTRA, and FONR - WBOC TV - March 28th, 2026 [March 28th, 2026]
- Rethinking the command centre: Why Nigerias NSA must evolve beyond coordination - The Sun Nigeria - March 28th, 2026 [March 28th, 2026]
- Constitutional freedoms cannot be exercised at the cost of human lives: Allahabad HC upholds preventive detention order under NSA - SCC Online - March 28th, 2026 [March 28th, 2026]
- Next Generation Shepherd of the Year Competition opens for NSA Scotsheep 2026 - The Scottish Farmer - March 28th, 2026 [March 28th, 2026]
- NSA (NSA) explains vesting, prorated FY2026 bonus and severance in merger with Public Storage - Stock Titan - March 20th, 2026 [March 20th, 2026]
- Sergio Gor meets NSA Ajit Doval discussing geopolitical issues - The Indian EYE - March 20th, 2026 [March 20th, 2026]
- National Storage Investor Alert: Kahn Swick & Foti, LLC Investigates Adequacy of Price and Process in Proposed Sale of National Storage Affiliates... - March 20th, 2026 [March 20th, 2026]
- Public Storage to Buy NSA: Is This a Smart Growth Move for Investors? - TradingView - March 20th, 2026 [March 20th, 2026]
- Was Russia an IMMINENT THREAT to US?: Rep Scott Perry grills NSA official on Ukraine war - The Economic Times - March 20th, 2026 [March 20th, 2026]
- NSA invoked against prime accused Aslam in banned meat supply case - thehitavada.com - March 20th, 2026 [March 20th, 2026]
- Watch | Indian Foreign Policy Confused; Were Not as Influential as We Used to Be: Former NSA - TheWire.in - March 20th, 2026 [March 20th, 2026]
- Russia Or Iran? Trumps NSA Cornered in Senate Over Military Action in Iran As War Enters 4th Week - Oneindia - March 20th, 2026 [March 20th, 2026]
- Need to Evolve The Office of the NSA Beyond Coordination to National Defence Strategy Nerve Centre - THISDAYLIVE - March 20th, 2026 [March 20th, 2026]
- Halper Sadeh LLC is Investigating Whether UNF, NSA, ULY, MPX are Obtaining Fair Deals for their ... - Bluefield Daily Telegraph - March 20th, 2026 [March 20th, 2026]
- Organized and technological: ICE resistance groups posing growing danger, warns former top NSA, DHS official - Fox News - March 18th, 2026 [March 18th, 2026]