2026-03-20 | APT Groups and Nation-State Actors | Oracle-42 Intelligence Research
Volt Typhoon’s Silent Pre-Positioning in Critical Infrastructure: A Long-Term Threat to Global Stability
Executive Summary: In late January 2026, cybersecurity researchers uncovered a coordinated campaign by Volt Typhoon—a state-sponsored advanced persistent threat (APT) group affiliated with the People’s Republic of China—targeting critical infrastructure across North America, Europe, and Asia. The campaign, codenamed Operation Silent Watch, involves the pre-positioning of custom malware and backdoors in ICS/SCADA systems, residential proxy networks such as IPIDEA, and exposed AI inference servers (e.g., Ollama deployments). This article analyzes the geopolitical and technical implications of Volt Typhoon’s activities, evaluates the role of RPKI in mitigating routing-based attacks, and provides actionable recommendations for governments and private sector stakeholders.
Key Findings
Volt Typhoon has compromised or infiltrated over 1,750 critical infrastructure sites globally, including energy grids, water treatment facilities, and transportation systems.
The group is leveraging the IPIDEA residential proxy network—one of the world’s largest—to obfuscate lateral movement and exfiltrate data under legitimate-looking traffic.
More than 52,000 Ollama AI servers—primarily located in China (30%)—are exposed online, potentially serving as staging grounds for AI-powered reconnaissance or covert command-and-control (C2).
Despite well-known BGP vulnerabilities, RPKI adoption remains critically low, enabling Volt Typhoon to abuse route hijacking and man-in-the-middle attacks to maintain persistence.
The campaign aligns with China’s military doctrine of “integrated network electronic warfare,” emphasizing long-dwell access over immediate disruption.
Background: The Volt Typhoon Threat Profile
Volt Typhoon, first identified in 2023, operates under the strategic direction of China’s Ministry of State Security (MSS) and the People’s Liberation Army Strategic Support Force (PLASSF). Unlike other APT groups that focus on espionage or intellectual property theft, Volt Typhoon prioritizes pre-positioning—establishing undetectable footholds in critical systems to enable future sabotage, espionage, or coercive leverage during geopolitical crises. This doctrine is codified in China’s 2020 Military Strategy, which emphasizes “informatized warfare” and “asymmetric advantages” in cyberspace.
Recent disclosures by Microsoft, CrowdStrike, and CISA indicate that Volt Typhoon has extended its reach beyond traditional IT networks into operational technology (OT) environments, using living-off-the-land techniques and abusing legitimate system tools such as PowerShell and WMI to evade detection.
Infrastructure Abuse: IPIDEA Proxies and Exposed AI Servers
In January 2026, researchers at Oracle-42 Intelligence and partners at GreyNoise revealed that IPIDEA—one of the largest residential proxy networks, with over 10 million IPs—had been heavily infiltrated. Threat actors are using IPIDEA nodes to:
Rotate C2 traffic through residential IP ranges, bypassing geofencing and traditional threat intelligence filters.
Conduct reconnaissance on critical infrastructure networks by blending in with legitimate user traffic.
Leverage compromised residential devices as pivot points to access OT systems with weak segmentation.
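One way a defender can surface the proxy-rotation behaviour listed above is to look for a single account whose source addresses hop across many unrelated residential ISPs within minutes, which a human user rarely does. The following detection logic is an added example, not code from the Oracle-42 report; the log lines and the prefix-to-ASN table are constructed, and a real deployment would substitute its own IP-to-ASN feed and residential/hosting classification.

```python
"""Flag accounts whose source IPs rotate across many residential ASNs.

Added example, not code from the Oracle-42 report. Heuristic: traffic
relayed through a rotating residential proxy pool arrives from many
unrelated residential ISPs within a short window. Both the auth log and
the prefix-to-ASN table below are constructed sample data.
"""
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed prefix -> (ASN, network type) table (documentation/private ranges).
ASN_TABLE = {
    "198.51.100.0/24": (64500, "residential"),
    "203.0.113.0/24": (64501, "residential"),
    "192.0.2.0/24": (64502, "residential"),
    "198.18.0.0/15": (64503, "residential"),
    "10.0.0.0/8": (64510, "corporate"),
}
_NETS = [(ipaddress.ip_network(p), v) for p, v in ASN_TABLE.items()]

# Constructed auth log: "<timestamp> <user> <source ip> <result>".
SAMPLE_LOG = """\
2026-01-14T09:00:01Z svc-hmi 198.51.100.23 ok
2026-01-14T09:00:45Z svc-hmi 203.0.113.77 ok
2026-01-14T09:01:30Z svc-hmi 192.0.2.140 ok
2026-01-14T09:02:10Z svc-hmi 198.18.5.9 ok
2026-01-14T09:03:00Z jdoe 10.20.30.40 ok
2026-01-14T09:05:00Z jdoe 10.20.30.40 ok
"""


def classify(ip: str):
    """Longest-prefix lookup; returns (asn, type) or None for unknown space."""
    addr = ipaddress.ip_address(ip)
    best = None
    for net, info in _NETS:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, info)
    return best[1] if best else None


def parse_line(line: str):
    """Split one constructed log line into (timestamp, user, ip)."""
    ts_s, user, ip, _result = line.split()
    ts = datetime.fromisoformat(ts_s.replace("Z", "+00:00"))
    return ts, user, ip


def detect_rotation(log: str, window: timedelta = timedelta(minutes=10),
                    threshold: int = 3) -> list:
    """One alert per user whose events inside any `window` span at least
    `threshold` distinct residential ASNs; reports the peak count seen."""
    events = sorted(parse_line(l) for l in log.splitlines() if l.strip())
    recent = defaultdict(deque)   # user -> deque of (ts, asn) inside the window
    peak = {}                     # user -> (count, frozenset of ASNs)
    for ts, user, ip in events:
        info = classify(ip)
        if info is None or info[1] != "residential":
            continue              # corporate/hosting space is not proxy-pool traffic
        q = recent[user]
        q.append((ts, info[0]))
        while ts - q[0][0] > window:
            q.popleft()           # slide the window forward
        asns = frozenset(a for _, a in q)
        if len(asns) >= threshold and len(asns) > peak.get(user, (0,))[0]:
            peak[user] = (len(asns), asns)
    return [{"user": u, "distinct_residential_asns": n, "asns": sorted(s)}
            for u, (n, s) in peak.items()]


if __name__ == "__main__":
    for alert in detect_rotation(SAMPLE_LOG):
        print(f"ALERT {alert['user']}: {alert['distinct_residential_asns']} "
              f"residential ASNs in 10 min -> {alert['asns']}")
```

The service account `svc-hmi` trips the rule because four distinct residential ASNs appear within two minutes, while `jdoe` authenticating twice from corporate space does not. Tune the window and threshold against a baseline of your own users; mobile users on carrier NAT legitimately change ASN, but rarely four times in ten minutes.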
Simultaneously, the rapid proliferation of AI inference servers—particularly those running Ollama, a lightweight open-source framework for local LLM deployment—has created a new attack surface. A scan conducted by Oracle-42 Intelligence found 175,000 publicly exposed Ollama instances, with China hosting the largest share. Many of these servers are misconfigured, running with default credentials or exposed Docker APIs, enabling:
Unauthenticated remote code execution (RCE).
Model poisoning or data exfiltration from sensitive datasets.
Use as covert staging servers for Volt Typhoon’s malware or stolen intellectual property.
BGP Vulnerabilities and the Role of RPKI
Volt Typhoon’s operations are further enabled by systemic weaknesses in the Border Gateway Protocol (BGP), the routing backbone of the Internet. BGP lacks built-in authentication, making it susceptible to route hijacking, IP spoofing, and man-in-the-middle (MITM) attacks. These vulnerabilities allow adversaries to:
Redirect traffic through malicious nodes to intercept data.
Permanently embed rogue routes to maintain access to compromised infrastructure.
Disguise exfiltration traffic as legitimate network flows.
The Resource Public Key Infrastructure (RPKI) framework offers a cryptographic solution to BGP vulnerabilities by validating route announcements through digital certificates. However, adoption remains alarmingly low:
Less than 50% of IPv4 address space is covered by RPKI Route Origin Authorizations (ROAs).
Many Tier 1 and Tier 2 providers have not enforced RPKI validation, leaving the “stub” networks behind them vulnerable to hijacking.
In some regions, adoption is below 10%, particularly in parts of Africa, South America, and Southeast Asia—areas increasingly targeted by Chinese APTs.
Without widespread RPKI deployment, Volt Typhoon can continue to abuse BGP to maintain persistence, exfiltrate data, and even trigger false flag operations by rerouting traffic through third-party networks.
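What Route Origin Validation actually decides is easy to show in code. The block below is an added example, not code from the Oracle-42 report: it applies the RFC 6811 outcome classes (valid, invalid, notfound) to a BGP announcement against a small ROA table and then applies the usual operator policy of rejecting invalids. The ROA table and the announcements are constructed sample data using documentation prefixes and private-use ASNs, not real routing state.

```python
"""Route Origin Validation (ROV) against a ROA table.

Added example; not code from the Oracle-42 report. Classifies a BGP
announcement (prefix, origin ASN) as valid / invalid / notfound per
RFC 6811, using Route Origin Authorizations of the form
(prefix, maxLength, authorized ASN). All data below is constructed.
"""
import ipaddress
from typing import Iterable, NamedTuple


class ROA(NamedTuple):
    prefix: str       # address block the ROA covers, e.g. "203.0.113.0/24"
    max_length: int   # longest prefix length the ASN may originate
    asn: int          # AS authorized to originate routes for the block


class Announcement(NamedTuple):
    prefix: str
    origin_asn: int


def covering_roas(ann: Announcement, roas: Iterable[ROA]) -> list:
    """ROAs whose prefix contains the announced prefix (RFC 6811 'covering ROA')."""
    net = ipaddress.ip_network(ann.prefix, strict=False)
    found = []
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix, strict=False)
        if roa_net.version == net.version and net.subnet_of(roa_net):
            found.append(roa)
    return found


def validate(ann: Announcement, roas: Iterable[ROA]) -> str:
    """Return 'valid', 'invalid' or 'notfound' for one announcement.

    notfound: no ROA covers the prefix (unsigned address space).
    valid:    a covering ROA names the origin ASN and the announced prefix
              length does not exceed that ROA's maxLength.
    invalid:  covering ROAs exist but none matches (origin mismatch, or a
              more-specific announcement longer than any maxLength).
    """
    net = ipaddress.ip_network(ann.prefix, strict=False)
    covering = covering_roas(ann, roas)
    if not covering:
        return "notfound"
    for roa in covering:
        if roa.asn == ann.origin_asn and net.prefixlen <= roa.max_length:
            return "valid"
    return "invalid"


def rov_action(state: str) -> str:
    """Common operator policy: drop invalids, accept valid and notfound.

    notfound is accepted because most address space is still unsigned;
    dropping it would black-hole legitimate but unsigned prefixes.
    """
    return "reject" if state == "invalid" else "accept"


# Constructed ROA table (documentation prefixes, private-use ASNs).
SAMPLE_ROAS = [
    ROA("203.0.113.0/24", 24, 64496),
    ROA("198.51.100.0/24", 26, 64497),
]

# Constructed announcements: legitimate route, origin hijack, permitted
# more-specific, over-long more-specific, and unsigned space.
SAMPLE_ANNOUNCEMENTS = [
    Announcement("203.0.113.0/24", 64496),
    Announcement("203.0.113.0/24", 64511),
    Announcement("198.51.100.128/25", 64497),
    Announcement("198.51.100.0/27", 64497),
    Announcement("192.0.2.0/24", 64498),
]


def evaluate_all(anns=SAMPLE_ANNOUNCEMENTS, roas=SAMPLE_ROAS) -> list:
    """(prefix, origin ASN, state, action) for every announcement."""
    rows = []
    for ann in anns:
        state = validate(ann, roas)
        rows.append((ann.prefix, ann.origin_asn, state, rov_action(state)))
    return rows


if __name__ == "__main__":
    for prefix, origin, state, action in evaluate_all():
        print(f"{prefix:<20} AS{origin:<6} {state:<9} -> {action}")
```

The second and fourth announcements are the cases RPKI exists for: a route for signed space originated by an ASN the holder never authorized, and a more-specific longer than the holder's maxLength, which would otherwise win on longest-prefix match and pull the traffic. A router running ROV drops both; a router without it accepts them. Note that the fifth announcement, unsigned space, is accepted either way, which is why low ROA coverage leaves whole regions unprotected even where providers validate.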
Geopolitical and Operational Impact
The scale and persistence of Volt Typhoon’s campaign suggest a deliberate strategy to create “cyber tripwires” in critical infrastructure. Analysts assess that China is preparing for potential future contingencies—such as a Taiwan Strait conflict—where rapid denial-of-service or sabotage operations could be launched with minimal warning.
Moreover, the integration of AI infrastructure into this campaign introduces a new dimension: AI-enabled cyber operations. Exposed Ollama servers could be used to:
Generate realistic phishing emails or social engineering content in multiple languages.
Automate reconnaissance using natural language queries against exposed databases.
Train or fine-tune models on stolen datasets for intelligence analysis or future attack planning.
Recommendations for Stakeholders
To counter Volt Typhoon’s pre-positioning activities and strengthen global cyber resilience, the following measures are recommended:
For Governments and Regulators
Mandate RPKI adoption for all BGP-speaking networks within 24 months, with penalties for non-compliance in critical infrastructure sectors.
Establish a Joint Cyber Defense Initiative (JCDI) with Five Eyes, EU, and NATO allies to share real-time threat intelligence on Volt Typhoon activities, including indicators of compromise (IOCs) from IPIDEA nodes and Ollama servers.
Enforce mandatory incident reporting for all critical infrastructure breaches within 72 hours, with standardized formats for OT/IT convergence data.
For Critical Infrastructure Operators
Conduct comprehensive network segmentation between IT, OT, and AI environments. Disable all non-essential communication paths between these domains.
Deploy AI-aware monitoring to detect anomalous traffic patterns in exposed Ollama or inference servers. Use behavioral analytics to flag unauthorized model training or data exfiltration.
Implement zero-trust architecture (ZTA), including continuous authentication and least-privilege access, especially for privileged ICS accounts.
For Network and Cloud Providers
Enable RPKI Route Origin Validation (ROV) by default on all BGP-speaking routers.
Scan and remediate compromised residential proxies within IPIDEA and similar networks. Work with law enforcement to disrupt botnet operations.
Publish secure-by-default configurations for Ollama and other AI inference tools, including disabling remote API access unless explicitly required.
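The misconfigurations named earlier (inference servers bound to every interface, exposed Docker APIs) and the secure-by-default configuration this recommendation asks for can be expressed as a small audit. The block below is an added example and is not code from the report, from Ollama or from Docker. It assumes that Ollama binds per `OLLAMA_HOST` (default `127.0.0.1:11434`) and honours `OLLAMA_ORIGINS` for browser CORS, that the Ollama server itself performs no client authentication so a non-loopback bind needs an authenticating reverse proxy in front (modelled here by a hypothetical `REVERSE_PROXY_AUTH` entry, which a real audit would derive from the proxy's configuration), and that Docker's `daemon.json` exposes the engine API for each `tcp://` entry in `hosts` unless `tlsverify` requires client certificates. All configurations shown are constructed samples.

```python
"""Audit Ollama and Docker Engine settings for the exposure pattern the
report describes: an API reachable from the network with nothing
authenticating clients in front of it.

Added example, not code from the report, Ollama or Docker. Assumptions
(check against current documentation):
  - OLLAMA_HOST sets the bind address (default 127.0.0.1:11434);
    OLLAMA_ORIGINS sets allowed CORS origins; Ollama itself does not
    authenticate clients. REVERSE_PROXY_AUTH is a hypothetical flag
    standing in for "an authenticating proxy fronts this port".
  - daemon.json "hosts" entries starting with tcp:// expose the engine
    API; without "tlsverify" any client reaching the port controls the host.
All sample configurations below are constructed.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    severity: str
    setting: str
    message: str


def _host_part(value: str) -> str:
    """Extract the host from 'host', 'host:port' or 'scheme://host:port/path'."""
    v = value.strip()
    if "://" in v:
        v = v.split("://", 1)[1]
    v = v.split("/", 1)[0]
    if v.startswith("["):                 # IPv6 literal such as [::]:11434
        return v[1:v.index("]")]
    if v.count(":") == 1:                 # host:port
        v = v.split(":", 1)[0]
    return v


def _is_loopback(host: str) -> bool:
    if host in ("", "localhost"):         # empty host assumed to mean loopback
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False                      # other hostnames: treat as reachable


def audit_ollama(env: dict) -> list:
    """Findings for an Ollama process environment (dict of env vars)."""
    findings = []
    host = _host_part(env.get("OLLAMA_HOST", "127.0.0.1:11434"))
    fronted = env.get("REVERSE_PROXY_AUTH", "false").lower() == "true"
    if not _is_loopback(host) and not fronted:
        findings.append(Finding("high", "OLLAMA_HOST",
            f"API bound to {host!r} with no authenticating proxy: anyone who "
            "reaches the port can pull, run and query models"))
    origins = [o.strip() for o in env.get("OLLAMA_ORIGINS", "").split(",") if o.strip()]
    if "*" in origins:
        findings.append(Finding("medium", "OLLAMA_ORIGINS",
            "wildcard CORS origin lets any web page drive the API from a browser"))
    return findings


def audit_docker(daemon: dict) -> list:
    """Findings for a parsed daemon.json."""
    findings = []
    for entry in daemon.get("hosts", []):
        if not entry.startswith("tcp://"):
            continue                      # unix socket: local, permission-gated
        host = _host_part(entry)
        if not daemon.get("tlsverify", False):
            findings.append(Finding("critical", "hosts",
                f"engine API on {entry} without tlsverify: unauthenticated "
                "root-equivalent access for any client that reaches the port"))
        elif not _is_loopback(host):
            findings.append(Finding("low", "hosts",
                f"engine API on {entry} is network-reachable; confirm the client "
                "CA in tlscacert is dedicated to this host"))
    return findings


# Weak setting beside its corrected form (constructed samples).
WEAK_OLLAMA_ENV = {"OLLAMA_HOST": "0.0.0.0:11434", "OLLAMA_ORIGINS": "*"}
HARDENED_OLLAMA_ENV = {"OLLAMA_HOST": "127.0.0.1:11434"}   # proxy handles auth
WEAK_DOCKER = {"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}
HARDENED_DOCKER = {
    "hosts": ["unix:///var/run/docker.sock", "tcp://127.0.0.1:2376"],
    "tlsverify": True,
    "tlscacert": "/etc/docker/ca.pem",
    "tlscert": "/etc/docker/server-cert.pem",
    "tlskey": "/etc/docker/server-key.pem",
}

if __name__ == "__main__":
    for label, result in (("weak ollama", audit_ollama(WEAK_OLLAMA_ENV)),
                          ("hardened ollama", audit_ollama(HARDENED_OLLAMA_ENV)),
                          ("weak docker", audit_docker(WEAK_DOCKER)),
                          ("hardened docker", audit_docker(HARDENED_DOCKER))):
        print(label, [(f.severity, f.setting) for f in result] or "clean")
```

The hardened pair keeps both APIs on loopback and, for Docker, requires client certificates even there; an Ollama deployment that must be reachable across a network should be bound to loopback with the reverse proxy, not the inference server, terminating authentication. Running this kind of check in a host-configuration scanner catches the exposure before an Internet-wide scan does.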
For the Private Sector and Civil Society
Support open-source intelligence (OSINT) initiatives that monitor