Connect with us

Infra

Chinese Hackers Want To ‘Wreak Havoc’ On US Infrastructure, FBI Director Chris Wray Warns

Published

on

Chinese Hackers Want To ‘Wreak Havoc’ On US Infrastructure, FBI Director Chris Wray Warns

FBI Director Christopher Wray

Photo : AP

Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told House lawmakers Wednesday in a fresh warning from Washington about Beijing’s global ambitions.

Underscoring the threat, the Justice Department and FBI announced just before the hearing that they had disrupted a botnet of hundreds of U.S.-based small office and home routers owned by private citizens and companies and hijacked by the Chinese state hackers to cover their tracks and hide their origin as they sowed the malware.

Speaking before the House Select Committee on the Chinese Communist Party, Wray said there’s been “far too little public focus” on a cyber threat that affects “every American.”

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray said.

Jen Easterly, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, voiced a similar sentiment at the hearing.

“This is a world where a major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes — all to ensure that they can incite societal panic and chaos and to deter our ability” to marshal a sufficient response, she said.

The comments align with assessments from outside cybersecurity firms including Microsoft, which said in May that state-backed Chinese hackers had been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises.

That operation, attributed to a group of hackers known as Volt Typhoon, has now been disrupted after FBI and Justice Department officials obtained search-and-seizure orders in a Texas federal court. The hackers infiltrated targets through multiple avenues, including cloud and internet providers, disguising themselves as normal traffic.

The U.S. has in the past few years become more aggressive in trying to disrupt and dismantle both criminal and state-backed cyber operations, with Wray warning Wednesday that Beijing-backed hackers aim to pilfer business secrets to advance the Chinese economy and steal personal information for foreign influence campaigns.

“They are doing all those things. They all feed up ultimately into their goal to supplant the U.S. as the world’s greatest superpower,” he said.

Complicating the threat is that state-backed hackers, especially Chinese and Russian, are good at adapting and finding new intrusion methods and avenues.

U.S. officials have long been concerned about such hackers hiding in U.S.-based infrastructure, and the end-of-life Cisco and NetGear routers exploited by Volt Typhoon were easy prey because they were no longer supported by their manufacturers with security updates. Because of the urgency, law enforcement officials said, U.S. cyber operators deleted the malware in those routers without notifying their owners directly — and added code to prevent re-infection.

A Justice Department official who briefed reporters on condition of anonymity under ground rules set by the government said officials were determined to disrupt the Volt Typhoon operation as soon as possible because the hackers were using the botnet as a stepping stone to hide in U.S. internet traffic while burrowing into the networks of critical infrastructure, ready to maliciously exploit that access at a time of their choosing.

“The truth is that Chinese cyber actors have taken advantage of very basic flaws in our technology,” Easterly said. “We’ve made it easy on them.”

China has repeatedly denounced the U.S. government’s hacking allegations as baseless. Beijing has accused the U.S. of “almost daily” and “huge amounts of intrusions against Chinese government, with Wang Wenbin, a spokesman for the Chinese foreign ministry, saying last year that “China is the biggest victim of cyber attacks.”

But Gen. Paul Nakasone, the outgoing commander of U.S. Cyber Command and the National Security Agency, said “responsible cyber actors” do not target civilian infrastructure.

“There’s no reason for them to be in our water,” Nakasone said. “There’s no reason for them to be in our power.”

On Tuesday, testifying before the same committee, Leon Panetta, who served as the director of the Central Intelligence Agency and the defense secretary in the Obama administration, said he believed that the Chinese agents had “planted malware within our own computer networks” and warned that the Chinese government would use artificial intelligence to spread disinformation.

The committee, chaired by Republican Rep. Mike Gallagher of Wisconsin, was established last year with a mandate of countering China, kicking off with a prime-time hearing. The Chinese government has lashed out at the committee, demanding that its members “discard their ideological bias and zero-sum Cold War mentality.”

Continue Reading