Federal Bureau of Investigation Director Christopher A. Wray said Wednesday that China is ramping up a massive hacking operation aimed at sabotaging U.S. power grids, oil pipelines and water systems in the event of a conflict over Taiwan. I warned you that you were doing it.
Mr. Wray appeared before the House Subcommittee on China and gave a worrying assessment of the Chinese Communist Party's efforts. The goal is to create chaos, discourage the United States from fighting, and hinder the deployment of U.S. military resources in the event that the conflict over Taiwan, a major flash point between the two superpowers, escalates into war. he added.
Prior to his testimony, FBI and Justice Department officials last month gained access to servers compromised by Bolt Typhoon, a Beijing-led hacking network that has targeted a variety of critical infrastructure systems. It has been revealed that a court order has been obtained to allow this. By penetrating the networks of small businesses, contractors, and local governments.
“Chinese hackers are infiltrating American infrastructure in preparation for wreaking havoc and causing real-world damage.” If or when China We decided it was time to strike,” Ray said, pressuring the commission to increase funding for the department.
“Low attacks on civilians are part of China's plan,” he added.
Bolt Typhoon hackers compromised hundreds of Cisco and NetGear routers with the intention of implanting an army of sleeper cells that would be activated during a crisis. Many were older models that were not supported by manufacturer updates or security patches.
In May, U.S. officials warned businesses, local governments, and foreign allies that the group was targeting “networks across U.S. critical infrastructure sectors” and could use similar tactics against other countries. did.
This operation was stopped before it could affect the “legitimate functions” of infrastructure agencies, and the Chinese do not appear to be collecting “content information” from the routers.
Officials said the government has notified owners of the equipment.
Ray said a major obstacle to countering Chinese hacking activity is the reluctance of small business owners and local governments to report suspicious activity on their networks to the FBI. , which would “prevent the attack from spreading to other sectors and other companies.”
Also on Wednesday, the ministry released indictments against four Chinese nationals. They are accused of a long-standing conspiracy to smuggle electronic components from the United States to Iran, in violation of long-standing sanctions and restrictions on exports of military technology to the Islamic Republic.
The suspects, all of whom reside in China, allegedly used front companies to funnel components to Iran that could be used to make drones and ballistic missile systems from 2007 to at least 2020, according to an indictment in U.S. District Court in Washington. has been charged with a crime.
As a result, “vast amounts” of U.S. technology was diverted to Iran, prosecutors said. It did not specify potential harm to national security.
In recent months, the FBI and Justice Department have increasingly warned of malign activity by China, Iran, and Russia in the United States. These include murder-for-hire plots against dissidents, infiltration of U.S. law enforcement, election interference, intellectual property theft, and, as Wray and cybersecurity officials revealed at Wednesday's hearing, online Contains infringement.
Mr. Wray has long emphasized the China threat and described it as existential.
“This is a threat to our economic security and, by extension, our national security,” Wray said in 2020.
Officials say China frequently targets the weakest links in the country's corporate and government networks, particularly older home office routers that allow hacking into more sophisticated computer systems.
Jen Easterly, director of the federal Cybersecurity and Infrastructure Security Agency, said the goal is to deter the United States from supporting Taiwan or more aggressively confronting Beijing on other geopolitical and economic issues. He said that the aim was to “incite social panic” for the purpose of doing so.
Easterly suggested that authorities in Beijing may have been motivated to focus on civilian infrastructure after a ransomware attack on Colonial Pipeline by a Russian hacking group in 2021.
“Imagine at scale, imagine not just one pipeline, but many pipelines disrupted,” she said. “Communications stop and people can't use their cell phones. People start getting sick from contaminated water. Trains get derailed.”
The Chinese government has long denied targeting U.S. civilian infrastructure, and senior Chinese officials recently told National Security Adviser Jake Sullivan that infiltrating networks could affect the outcome of the 2024 election. He said it would not have any impact.
U.S. hackers have targeted military and government servers in China, but have historically avoided attacks on infrastructure directed by the Chinese government, said Gen. Paul M. Nakasone, the outgoing commander of the U.S. Cyber Command. .
“Responsible cyber attackers in democracies like ours do not target civilian infrastructure,” he said. “There is no reason for them to be in our waters. There is no reason for them to be of any use to us. This is a decision by the actors to actually focus on civilian targets. It’s not something you do.”