FBI director warns Chinese hackers determined to ‘wreak havoc’ on critical US infrastructure

FBI Director Christopher Wray, testifying on Wednesday before the House Select Committee on the Chinese Communist Party, warned lawmakers about the growing threat posed by Chinese hackers who are targeting U.S. electrical grids and other infrastructure.

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray said in his opening remarks to the panel.

Wray and other national security officials, including Jen Easterly, who leads the Cybersecurity and Infrastructure Security Agency, testified just as the FBI and Justice Department announced Wednesday that they had shut down a major China-based hacking group that had been working to compromise U.S. cyber infrastructure.

#FBI Director Wray announced that the FBI, with partners, conducted a technical operation against the People’s Republic of China’s malware, known as Volt Typhoon, and took decisive actions to disrupt the activity through the use of our unique authorities, tools and capabilities. pic.twitter.com/FmPzEurylO

— FBI (@FBI) January 31, 2024

“So far, we’ve discovered CCP malware in certain critical infrastructure, but they haven’t been activated yet,” said Rep. Raja Krishnamoorthi (D-IL), the ranking member of the committee. 

The group, called “Volt Typhoon,” is believed to have attacked hundreds of routers in offices, allowing the Chinese government to access critical data. It was apparently targeting U.S. water treatment plants, the power grid, oil and natural gas pipelines, and transportation systems. Federal officials obtained search-and-seizure orders in a Texas federal court.

“The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors, steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,” Wray said.

The hacking campaign came to light in May 2023, and there are concerns it could be working toward disrupting military operations in the Indo-Pacific region.

“It’s an active and direct threat to our homeland, our military, our ability to surge forces forward in the event of a conflict, and it’s not hypothetical,” said Rep. Mike Gallagher (R-WI), chairman of the committee. “The Chinese government has already done it, and our cyber warriors are doing everything they can to stop it.”

China continues to call these allegations from the U.S. government baseless while accusing the United States of committing cyberattacks on Beijing. Wang Wenbin, a spokesman for the Chinese foreign ministry, said last year that “China is the biggest victim of cyberattacks.”

Easterly clarified that the hacking group has not necessarily been able to gain access to critical networks through deploying malware but instead has been able to infiltrate targets by disguising itself as normal traffic. 

“What these Chinese cyber actors are doing is essentially finding a vulnerability and then finding ways to live within a computer’s operating system,” Easterly explained during the hearing. “So, they’re actually very, very hard to detect because they look like any other person who’s operating on it.”

Officials said they are on high alert that China could be laying the groundwork to infiltrate water-treatment plants, transportation systems, and electrical grids.

“The People’s Republic of China poses a challenge unlike any our allies and nation have ever faced,” said Gen. Paul Nakasone, commander of the U.S. Cyber Command. “Defending against this activity is our top priority.”
