U.S. officials say they have thwarted a state-sponsored Chinese effort to plant malware that could damage civilian infrastructure, and if the U.S. and China go to war, Beijing could disrupt U.S. daily life. The FBI director warned that he was in a position to do so.
The operation destroyed a botnet of hundreds of small U.S.-based office and home routers owned by private citizens and companies that Chinese hackers had taken over to cover their tracks with malware. It was done.
Their ultimate targets included water treatment plants, power grids and transportation systems across the United States, officials said Wednesday.
This comment is consistent with assessments from outside cybersecurity companies, including Microsoft. In May, the company announced that state-sponsored Chinese hackers were targeting critical U.S. infrastructure, laying the technological foundation for potentially disrupting critical communications between the U.S. and Asia in future crises. He said that there is a possibility that .
At least some of the operation, attributed to a group of hackers known as Bolt Typhoon, was halted after FBI and Justice Department officials obtained a search and seizure order in Houston federal court in December. U.S. authorities have not disclosed the impact of the disruption, and court documents released Wednesday said the disrupted botnet was just “a form of infrastructure used by Bolt Typhoon to obfuscate its activities.” It has said. Hackers disguised themselves within normal traffic and entered their targets through multiple channels, including the cloud and internet providers.
FBI Director Chris Wray told the House Select Committee on the Chinese Communist Party that too little public attention is being paid to cyber threats that affect “all Americans.”
“Chinese hackers are positioning themselves on American infrastructure in preparation to wreak havoc and cause real-world damage to American citizens and communities should China decide the time is right for an attack.” Ray said.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, echoed similar sentiments at the hearing.
“This is a massive crisis on the other side of the world, endangering the lives of Americans right here at home through disrupted pipelines, disrupted telecommunications, contaminated water facilities, and crippled transportation systems. It’s a world full of possibilities, all to ensure social panic and chaos to thwart our abilities. [to marshal a sufficient response],” she said.
The United States has become more aggressive in recent years in its efforts to disrupt and dismantle both criminal and state-sponsored cyber operations, and Wray said Wednesday that Chinese government-backed hackers are trying to develop China’s economy. , warned that the purpose was to steal trade secrets in order to steal personal information. For campaigns that influence foreign countries.
“They’re doing all that stuff. They’re all passionate about the goal of eventually replacing the United States as the world’s biggest superpower,” he said.
Complicating the threat is that state-sponsored hackers, particularly China and Russia, are good at adapting and finding new methods and routes of infiltration.
U.S. authorities have long been concerned about such hackers lurking in U.S. infrastructure, and the older Cisco and Netgear routers used by Bolt Typhoon were no longer supported by their manufacturers for security updates. , it became easy prey. Due to the urgency, U.S. cyber operators removed the malware in these routers without directly notifying their owners and added code to prevent reinfection, law enforcement officials said.
“The truth is that Chinese cyber attackers took advantage of a very fundamental flaw in our technology,” Easterly said. “We made it easy for them.”
U.S. officials said Wednesday that allies were also affected by the Bolt Typhoon hack of critical infrastructure, but declined to say in response to questions from reporters what measures they might take.
China has repeatedly criticized the US government’s hacking allegations as baseless. Beijing has accused the United States of infiltrating Beijing “almost every day,” and Chinese Foreign Ministry spokesperson Wang Wenbin said last year that “China is the biggest victim of cyberattacks.”
However, outgoing US Cyber Command and National Security Agency head Gen. Paul Nakasone said “responsible cyber attackers” were not targeting civilian infrastructure.
“There’s no reason for them to be in our waters,” Nakasone said. “There is no reason for them to join our forces.”
