Chinese hackers are determined to ‘wreak havoc’ on U.S. critical infrastructure, FBI director Wray warns

Date:

WASHINGTON (AP) — Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told House lawmakers Wednesday in a fresh warning from Washington about Beijing’s global ambitions.

Underscoring the threat, the Justice Department and FBI announced just before the hearing that they had disrupted a botnet of hundreds of U.S.-based small office and home routers owned by private citizens and companies and hijacked by the Chinese state hackers to cover their tracks and hide their origin as they sowed the malware.

Speaking before the House Select Committee on the Chinese Communist Party, Wray said there’s been “far too little public focus” on a cyber threat that affects “every American.”

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray he said.

Jen Easterly, the director of the Department of Homeland Security’s cybersecurity arm, voiced a similar sentiment at the hearing.

WATCH: How citizen investigators are helping the FBI track down Jan. 6 rioters

“This is a world where a major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes — all to ensure that they can incite societal panic and chaos and to deter our ability” to respond, she said.

The comments align with assessments from outside cybersecurity firms including Microsoft, which said in May that state-backed Chinese hackers had been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises.

That operation, attributed to a group of hackers known as Volt Typhoon, has now been disrupted after FBI and Justice Department officials obtained search-and-seizure orders in a Texas federal court. The hackers infiltrated targets through multiple avenues, including cloud and internet providers, disguising themselves as normal traffic.

The U.S. has in the past few years become more aggressive in trying to disrupt and dismantle both criminal and state-backed cyber operations. But state-backed hackers, especially Chinese and Russian, are good at adapting and finding new intrusion methods and avenues.

“Today, and literally every day, they’re actively attacking our economic security, engaging in wholesale theft of our innovation, and our personal and corporate data,” Wray said of China.

READ MORE: Former FBI official pleads guilty to conspiracy charge for helping Russian oligarch

U.S. officials have long been concerned about such hackers hiding in U.S.-based infrastructure, and the end-of-life Cisco and NetGear routers exploited by Volt Typhoon were easy prey because they were no longer supported by their manufacturers with security updates. Because of the urgency, law enforcement officials said, U.S. cyber operators deleted the malware in those routers without notifying their owners directly — and added code to prevent re-infection.

A Justice Department official who briefed reporters on condition of anonymity under ground rules set by the government said officials were determined to disrupt the Volt Typhoon operation as soon as possible because the hackers were using the botnet as a stepping stone to hide in U.S. internet traffic while burrowing into the networks of critical infrastructure, ready to maliciously exploit that access at a time of their choosing.

China has called the U.S. government’s allegations baseless. Beijing has accused the U.S. of “almost daily” and “huge amounts of intrusions against Chinese government, with Wang Wenbin, a spokesman for the Chinese foreign ministry, saying last year that “China is the biggest victim of cyber attacks.”

But Gen. Paul Nakasone, the outgoing commander of U.S. Cyber Command, said “responsible cyber actors” do not target civilian infrastructure.

“There’s no reason for them to be in our water,” Nakasone said. “There’s no reason for them to be in our power.”

On Tuesday, testifying before the same committee, Leon Panetta, who served as the director of the Central Intelligence Agency and the defense secretary in the Obama administration, said he believed that the Chinese agents had “planted malware within our own computer networks” and warned that the Chinese government would use artificial intelligence to spread disinformation.

The committee, chaired by Republican Rep. Mike Gallagher of Wisconsin, was established last year with a mandate of countering China, kicking off with a prime-time hearing. The Chinese government has lashed out at the committee, demanding that its members “discard their ideological bias and zero-sum Cold War mentality.”

Bajak reported from Boston.

Share post:

Popular

More like this
Related

One protester backs away from PACTS III challenge

A joint venture withdrew its protest over the PACTS...

Guidehouse protests classified ODNI contract

Guidehouse is continuing its fight for a highly-classified contract...

RNC headquarters plunged into lockdown after vials of blood addressed to Trump

Sign up for the daily Inside Washington email for...