China’s Cyber Army is reportedly strengthening its capabilities to disrupt crucial American infrastructure, including power, water utilities, communications, and transportation systems.
According to U.S. officials and industry experts, hackers linked to China’s People’s Liberation Army have successfully infiltrated the systems of about two dozen vital utilities in the past year. The strategic effort seems to be part of a broader initiative aiming to create pathways for inducing panic, chaos, and logistical disruptions in the event of a potential conflict between the United States and China in the Pacific region.
China’s Cyber Army Demonstrates Power
Among the identified targets are a water utility in Hawaii, a significant West Coast port, and at least one oil and gas pipeline. Despite attempting to breach the operator of Texas’s independent power grid, no disruptions were reported.
However, while these intrusions did not impact industrial control systems crucial to essential functions, they underscored a strategic interest in specific locations. This suggests a potential desire to complicate U.S. troop and equipment movements, particularly concerning Taiwan.
These undisclosed details provide a more comprehensive understanding of the Volt Typhoon cyber campaign, initially identified by the U.S. government approximately a year ago. Additionally, the revelations come amid escalating tensions in the U.S.-China relationship, marked by a lack of communication.
Diplomatic Dynamics: Biden-Xi Agreement on Communication Channels
The recent agreement between President Biden and President Xi Jinping to reinstate communication channels reflects the nuanced diplomatic dynamics at play. Brandon Wales, executive director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), underscores that Chinese attempts to compromise critical infrastructure aim to pre-position, intending to disrupt or destroy it in the event of a conflict.
Confirming that Volt Typhoon activity is focused on targets within the Indo-Pacific region, including Hawaii, Morgan Adamski, director of the National Security Agency’s Cybersecurity Collaboration Center, sheds light on the situation. The hackers obscure their actions by channeling attacks through ordinary devices, aiming to illicitly acquire employee credentials.
According to Joe McReynolds, a China security studies specialist, the hackers are actively exploring strategies to gain access and maintain a presence without raising detection.
The information provided expands upon the yearly threat assessment by the Office of the Director of National Intelligence in February, which warned of China’s capability to execute cyberattacks disrupting critical U.S. infrastructure.
Military Plans and Coordination: Insights into Chinese Strategies
Chinese military officers have outlined potential use of cyber tools or “network warfare” in conflicts, coordinating with air and missile strikes and disruptions to various networks, as observed by McReynolds. Volt Typhoon targeted various sectors, compromising smaller companies and organizations, possibly to establish a foothold in a supply chain.
China’s cyber intrusions into sectors like water and energy coincide with the Biden administration’s push for mandatory cybersecurity regulations. Despite increased scrutiny, hackers persist in seeking new targets, with the August attempt to connect to Texas infrastructure demonstrating ongoing interest in critical systems.
The NSA and other agencies recommend enhanced cybersecurity measures as part of a proactive defense against cyber threats. However, the topic of Chinese cyber intrusions into critical infrastructure did not surface during the Biden-Xi meeting.
