China Targets US Infrastructure, FBI Sounds Alarm

At the annual security conference, FBI Director Christopher Wray emphasized the necessity of addressing the threat emanating from China. Wray highlighted Beijing’s extensive efforts to clandestinely implant malicious software within the critical infrastructure of the United States, characterizing it as a national security threat.

Referencing the Volt Typhoon group, discovered within the networks of the U.S.’s critical infrastructure, Wray reported that Chinese-backed hackers had pre-positioned malware that could be activated at any moment to disrupt the operations of targeted networks. According to Wray, this is merely the tip of the iceberg in a series of similar efforts by China.

Cloudflare Breached

Wray underscored that the FBI is actively engaged in addressing this challenge but declined to specify which critical infrastructure targets had been compromised, highlighting the scale and complexity of Chinese hacking operations, which have accelerated over the last decade. The interest of Beijing in infiltrating U.S. networks to conduct destructive cyberattacks is particularly alarming.

During meetings with counterparts from the Five Eyes alliance and visits to Malaysia and India, Wray discussed cyber defense strategies and the Chinese hacking campaign, stressing the importance of international cooperation in countering the threat. The Netherlands also reported cyberattacks by Chinese hackers, underscoring the magnitude of the issue.

China traditionally denies allegations of cyberattacks and espionage, yet evidence of state-supported Chinese cyber operations is mounting. The U.S. has charged several officers of the People’s Liberation Army (PLA) with stealing secrets.

Wray also noted that cyberattacks are being intensified with artificial intelligence tools, enabling Chinese intelligence agents to convincingly recruit agents, steal secrets, and process gathered information. According to Wray, China is actively seeking progress in AI to expedite the process of economic espionage and data theft.

It’s noteworthy that the U.S. authorities recently announced successful countermeasures against the Volt Typhoon cyber operation aimed at embedding malware that could damage the country’s civilian infrastructure. The operation affected a network of hundreds of routers in the U.S., captured by Chinese hackers. The targets of the attacks included water supply facilities, power grids, and transportation systems across the U.S. Wray emphasized that Chinese hackers are preparing to potentially create chaos in the event of a conflict between the U.S. and China.

Volt Typhoon is a hacking group that, according to Western intelligence agencies and cybersecurity firms, is supported by the Chinese government and engages in cyber espionage against various organizations in the U.S. and other countries. The group was named by Microsoft, which discovered its activity in May 2023. However, Volt Typhoon has been operating for at least two years, specializing in penetrating critical infrastructure such as telecommunications, transportation hubs, and energy facilities.