FBI Director Christopher A. Wray revealed on Wednesday that Chinese hackers are determined to wreak havoc on the United States. During a House committee hearing, Wray disclosed that the FBI had successfully disrupted a major cyber-intrusion campaign backed by the Chinese government. This effort aimed to target critical infrastructure, including water, communications, transportation, and energy facilities, with the potential to shut down essential services and create chaos in the event of a conflict.
Wray emphasized the urgent need to invest in U.S. cyberdefense, warning that China’s hacking force significantly outnumbered America’s. Even if the FBI focused exclusively on countering the China threat, the number of Chinese hackers would still surpass the number of FBI cyber personnel by at least 50 to 1. According to Wray, China’s hackers are preparing to cause real-world harm to American citizens and communities when China decides it’s time to strike.
The hacking campaign attributed to a group known as Volt Typhoon was first reported by Microsoft in May. Traces of this intrusion were discovered in critical infrastructure in Guam, a U.S. territory in close proximity to Taiwan and home to a substantial U.S. military presence. The Volt Typhoon attacks targeted various infrastructure, including a Hawaiian water utility, a major West Coast port, and at least one oil and gas pipeline. While these attacks did not affect critical functions of the targeted infrastructure, they raised concerns among officials due to their proximity to and support of U.S. military operations.
The FBI’s actions involved gaining control of hundreds of routers that Volt Typhoon had been using as springboards to infiltrate sensitive infrastructure. These routers were often outdated machines in small offices that no longer received security patches, making them vulnerable to hackers. Volt Typhoon utilized these routers to disguise the origin of their traffic and gain access to the targeted systems.
In response, the FBI deployed court-authorized operations to recapture the compromised routers and remove the malware used to control them, as well as block any reinfections. However, the routers may still have active backdoor channels that could enable further incursions, albeit at a slower pace.
The revelation by Wray marks the first public acknowledgment of a broader operation to combat these intrusions. The difficulty in targeting such hackers arises from their utilization of advanced techniques and legitimate programs within targeted environments.
Jen Easterly, the U.S. Cybersecurity and Infrastructure Agency Director, echoed the concern over Chinese hacking, emphasizing the deeply concerning evolution of attacks on U.S. critical infrastructure. She warned that a major crisis on the other side of the world could endanger American lives by disrupting pipelines, severing telecommunications, polluting water facilities, and crippling transportation. Easterly testified that these actions aim to incite societal panic and deter the U.S.’s ability to mobilize military force and civilian support.
China’s Foreign Ministry spokesperson Liu Pengyu did not repeat previous denials of a link between Beijing and Volt Typhoon but criticized the U.S. for its cyber policies. He stated that the Chinese government opposes hacking attacks and the misuse of information technology. He argued that the United States, having the most advanced cyber technologies, is guilty of hacking and eavesdropping more than other countries.
The hearing took place amidst ongoing efforts to ease tensions between the U.S. and China. While both countries have initiated new channels of communication, disagreements still persist, especially as the U.S. approaches a general election cycle. FBI Director Wray expressed skepticism regarding CNN’s report that Beijing pledged not to interfere in the election, stating China has made promises in the past that have not been fulfilled.
The House committee responsible for the hearing has taken a firm bipartisan stance against what it describes as severe threats posed by rising Chinese military, economic, and technical aggression. Committee chair Mike Gallagher (R-Wis.) condemned the latest Chinese hacking operations, characterizing them as unacceptable acts comparable to placing bombs on American infrastructure. He stressed that the sole purpose of these attacks is to prepare for the destruction of American infrastructure.
In conclusion, the United States faces a significant and ongoing cyber threat from Chinese hackers. The FBI’s recent actions to disrupt the Volt Typhoon hacking campaign represents a crucial step towards countering these intrusions. However, it is clear that more resources and investments in cybersecurity are necessary to protect America’s critical infrastructure from potential attacks that could cause real-world harm.
