The looming threat of a major cyber attack against the U.S. is becoming more likely after the FBI admitted that Chinese hackers are planning an all-out assault on the country’s power grid and infrastructure.
A cyber attack against the United States would not just be devastating for Americans; it would also allow China to take advantage of the ensuing chaos, especially with it being an election year.
According to U.S. officials, they have already foiled a state-backed Chinese effort to plant malware to damage civilian infrastructure.
The head of the FBI is now warning that China is preparing to disrupt the lives of Americans as much as possible in the run-up to the 2024 election.
The operation disrupted a botnet of hundreds of small office and home routers that had suffered attacks from Chinese hackers to cover their tracks as they implanted the disruptive malware.
However, Chinese hacker’s primary targets are the U.S. electrical grid, transportation systems, and water treatment plants.
FBI director Chris Wray said there is little public focus on a cyber threat that would affect “every American.”
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray said.
Meanwhile, Jen Easterly, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said the crisis would be on such a large scale it would endanger Americans’ lives.
“This is a world where a major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes — all to ensure that they can incite societal panic and chaos and to deter our ability to marshal a sufficient response,” she said.
As CNN reported:
According to the report, U.S. officials have confirmed that the hackers have broken into computer networks at energy, transportation, and water facilities in the “continental and non-continental” U.S. and its overseas territories, including Guam.
In one case, after breaching the I.T. systems at an unnamed water facility, the hackers had access to a range of critical information on water treatment plants and water wells, according to the analysis.
The news comes amid US-China tensions over Taiwan as fears the Chinese hackers could be laying the groundwork for major disruption of critical communications during future crises.
According to an report from AP, a portion of the operation was attributed to a group of hackers known as Volt Typhoon, which has now been disrupted after the FBI obtained search-and-seizure orders in Houston federal court in December.
The outlet reported:
U.S. officials did not characterize the disruption’s impact, and court documents unsealed Wednesday say the disrupted botnet was just “one form of infrastructure used by Volt Typhoon to obfuscate their activity.”
The hackers have infiltrated targets through multiple avenues, including cloud and internet providers, disguising themselves as normal traffic.
“They are doing all those things. They all feed up ultimately into their goal to supplant the U.S. as the world’s greatest superpower,” Wray said.
Chinese Embassy spokesperson Liu Pengyu denied the hacking allegations, deflecting the blame onto Washington.
In recent years, the U.S. has stepped up its efforts to dismantle cyber operations, with Wray warning hackers aim to steal business secrets and personal information in order to advance the Chinese economy.
However, the threat of cyber attacks from China is nothing new.
In 2022, a Chinese state-sponsored hacking group compromised the computer networks of at least six U.S. state governments, according to research published by cybersecurity firm Mandiant.
The hacker group, known as APT41, found and exploited vulnerabilities in web applications to gain access to state government networks, according to Mandiant.
APT41 took advantage of software flaws and also exploited security vulnerabilities.
“APT41’s recent activity against U.S. state governments consists of significant new capabilities, from new attack vectors to post-compromise tools and techniques,” the researchers said.
“APT41 can quickly adapt their initial access techniques by re-compromising an environment through a different vector, or by rapidly operationalizing a fresh vulnerability.”
