Sunday, November 17, 2024

FBI calls out China for making critical infrastructure ‘fair game’ for cyber operations

Must read

Efforts by China-linked hackers to infiltrate computer systems and networks that run key sectors of the U.S. economy — only to lie in wait for an opportunity to strike — appear to predate Chinese cyber operations that sparked warnings by U.S. officials earlier this year.

FBI Director Christopher Wray on Thursday said Chinese government efforts to penetrate critical U.S. infrastructure for the purpose of setting up a possible cyberattack go back more than a decade.

“China-sponsored hackers pre-positioned for potential cyberattacks against U.S. oil and natural gas companies way back in 2011,” Wray told the audience at a Vanderbilt University security conference in Nashville, Tennessee.

“It took the hackers all of 15 minutes to steal data related to the control and monitoring systems while ignoring financial and business-related information, which suggests their goals were even more sinister than stealing a leg up economically,” he said.

Multiple U.S. agencies, led by the FBI and the Cybersecurity and Infrastructure Security Agency, warned in February that hackers associated with a Chinese-linked group known as Volt Typhoon had been hiding in key computer systems and networks for at least five years.

At the time, CISA’s director said China’s penetration of key systems linked to U.S. communications, energy, water and wastewater, and transportation sectors was “likely the tip of the iceberg.”

But Wray on Thursday made clear China’s attempts to hack into systems and hide while waiting to attack — a technique known as “living off the land” — is part of Beijing’s long-running strategy.

“The PRC [People’s Republic of China] has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage,” he said. “Its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist.”

Chinese government officials did not respond directly to the latest allegations, pointing instead to comments earlier this week by a Chinese foreign ministry spokesperson.

The spokesperson denied any connection between Beijing and Volt Typhoon, saying the cyber threat group “is not sponsored by any state or region.”

The spokesperson also accused U.S. intelligence and cybersecurity agencies of passing false information about China’s activities in cyberspace “in order to receive more congressional budgets and government contracts.”

Wray’s comments, however, came just one day after another top U.S. cyber official called out Chinese behavior in cyberspace while speaking at the same conference.

“The PRC is engaged in a deliberate campaign to challenge the United States and our allies technologically while putting our critical systems and national infrastructure at risk,” said General Timothy Haugh, who heads both the National Security Agency and U.S. Cyber Command.

Haugh was especially critical of the actions taken by Volt Typhoon, calling it “an example of how China has approached establishing access to put things under threat.”

“There is not a valid intelligence reason to be looking at a water treatment plant from a cyber perspective,” he said. China is “sending a pretty loud signal of how they intend to use cyberspace in a crisis. We should listen to that.”

A threat assessment published last week by the U.S. Defense Intelligence Agency also concluded China uses its cyberspace capabilities “to lay the groundwork for malicious cyber activities and cyberattacks.”

The DIA report also noted that China’s military “has called for using space, cyber operations and electronic warfare as weapons to paralyze adversary information systems during a conflict.”

Latest article