United States Disrupts Chinese Cyber Threat Targeting Vital Infrastructure
On Wednesday, United States authorities disclosed the disruption of a Chinese state-backed cyber campaign aiming to deploy malware and compromise civilian infrastructure.
FBI Director Chris Wray emphasized the potential disruption to the daily lives of Americans in the event of a conflict between the U.S. and China.
The United States is Targeting Botnets and Concealed Tactics
The operation targeted a botnet comprising hundreds of U.S.-based routers, which diverted attention from Chinese hackers’ activities as they sought to deploy malware on critical systems such as water treatment plants, the electrical grid, and transportation networks.
During his address to the House Select Committee on the Chinese Communist Party, Wray underscored the pervasive cyber threat affecting every American. Jen Easterly, from the Department of Homeland Security, echoed these concerns, emphasizing the risk of crises abroad endangering Americans through infrastructure disruption.
This aligns with previous warnings from cybersecurity firms, including Microsoft, indicating that Chinese hackers were targeting U.S. critical infrastructure.
The recent disruption, linked to the Volt Typhoon hacker group, involved obtaining search-and-seizure orders in December. The impact of the disruption remains unspecified, but court documents describe the botnet as one facet of Volt Typhoon’s concealment tactics, with the group penetrating targets through various channels.
Wray asserted that China’s cyber activities aimed at stealing business secrets and personal information contribute to their broader goal of surpassing the U.S. as a global superpower.
State-backed hackers, particularly from China and Russia, continually adapt and find new intrusion methods, posing a persistent challenge.
The use of outdated routers lacking security updates heightened concerns, prompting U.S. cyber operators to delete the malware without directly notifying affected owners. Amit Yoran, CEO of Tenable, stressed the urgency of addressing the risks within critical infrastructure.
The cybersecurity landscape faces additional complications, with major software providers sacrificing security for convenience.
Recent incidents, such as state-backed Chinese hackers compromising Microsoft cloud-based security, underscore the vulnerabilities in U.S. systems.
Global Impact: Allies Affected, Countermeasures Undisclosed
While U.S. officials acknowledged that allies were affected by Volt Typhoon’s activities, countermeasures remained undisclosed. China has consistently denied hacking allegations, portraying itself as a victim of cyber attacks.
However, Gen. Paul Nakasone emphasized that responsible cyber actors avoid civilian infrastructure.
Former CIA Director Leon Panetta, testifying before the committee, warned of Chinese agents planting malware in U.S. computer networks and highlighted the use of artificial intelligence for disinformation campaigns.
The committee, focused on countering China, faces criticism from the Chinese government for alleged ideological bias and a Cold War mentality.