U.S. authorities have issued a new warning that the Volt Typhoon cyber campaign remains active and continues to target critical infrastructure networks. Officials say the operation is linked to Chinese state-sponsored actors and is designed to preposition access that could be used in a future conflict.

The advisory underscores concerns that attackers are focusing on sectors such as communications, energy, transportation and water systems. According to the warning, the goal is not only espionage but also potential disruption, raising the stakes for civilian services that millions of people rely on every day.

Cybersecurity agencies have urged operators of essential systems to strengthen network defenses, review access controls and monitor for signs of intrusions. The latest notice reflects a broader pattern of escalation in state-backed cyber activity, where critical infrastructure has become a prime target in geopolitical rivalry.

The renewed alert is likely to increase pressure on public and private operators to harden their systems against long-term intrusions. For governments and infrastructure providers, the challenge is not just detecting attacks, but preventing attackers from quietly establishing a foothold that could be activated at a later date.