NASHVILLE, TN - At a speech at Vanderbilt University on Thursday, April 18th, Federal Bureau of Investigation (FBI) Director Christopher Wray told attendees that Chinese government-linked hackers have "burrowed" into U.S. critical infrastructure and is essentially "waiting for the right moment to deal a devastating blow" to the entire country.
According to a report from Reuters, an ongoing Chinese hacking campaign known as "Volt Typhoon" has, according to Wray, successfully gained access to numerous American companies in telecommunications, energy, water, and other critical sectors with a total of 23 pipeline operations currently targeted.
At the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats, Wray said that the hackers plan is to "land low blows against civilian infrastructure to try to induce panic." He said that China is developing the ability to "physically wreak havoc on our critical infrastructure at a time of its choosing."
He said that it has been difficult to determine the intent of this cyber pre-positioning, which was aligned with China's broader intent to deter the U.S. from defending Taiwan. A Chinese Ministry of Foreign Affairs (MFA) spokesperson said that Volt Typhoon is not related to China's government, but that it is part of a criminal ransomware group.
In a statement, China's Embassy in Washington, D.C. referenced the MFA spokesperson's comment, saying, "Some in the U.S. have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the U.S. to be the victim while it's the other way around, politicizing cybersecurity issues."
According to Wray, the hackers a part of this Volt Typhoon operate a series of botnets, which are constellations of compromised personal computers and servers around the world and use them to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies have previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google.
At the summit, Wray said, "The PRC (People's Republic of China) has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate the world stage." He said that the cyber burrowing by the Chinese Communist Party stems from its "aspirations to wealth and power."
Wray suggested that China is interested in having countermeasures in place for a "crisis between China and Taiwan by 2027." He said, "The fact is, the PRC's targeting of our critical infrastructure is both broad and unrelenting. it's using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing."
He added, "When one victim company set up a honeypot, essentially a trap designed to look like a legitimate part of a computer network with decoy documents, it took the hackers all of 15 minutes to steal data related to the control and monitoring systems, while ignoring financial and business-related information, which suggests their goals were even more sinister than stealing a leg up economically." To combat China's cyber infiltration schemes, top law enforcement, military, and intelligence agencies are collaborating to uncover and thwart those attacks.
He said, "We've seen the best outcomes in situations where a company made a habit of reaching out to their local FBI field office even before there was any indication of a problem because that put everyone on the same page and contributed to the company's readiness."
He encouraged private sector organizations to keep an eye on their "hardware and supply chains" to avoid potential compromise, such as the Solar Winds hack that used "innocuous-looking software updates" as a vector. He said in a statement, "Vetting your vendors, their security practices, and knowing who's building the hardware and software you're granting access to your network is crucial, so push for transparency into what vendors and suppliers are doing with your data and how they will maintain it."
During a House Select Committee on China hearing earlier in the year, Wray issued a similar warning to lawmakers. He has warned that Chinese-led hackers have their sights on the electrical grid, oil and natural gas pipelines, transportation systems, American water treatment plants, and more.
According to a report from Reuters, an ongoing Chinese hacking campaign known as "Volt Typhoon" has, according to Wray, successfully gained access to numerous American companies in telecommunications, energy, water, and other critical sectors with a total of 23 pipeline operations currently targeted.
At the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats, Wray said that the hackers plan is to "land low blows against civilian infrastructure to try to induce panic." He said that China is developing the ability to "physically wreak havoc on our critical infrastructure at a time of its choosing."
He said that it has been difficult to determine the intent of this cyber pre-positioning, which was aligned with China's broader intent to deter the U.S. from defending Taiwan. A Chinese Ministry of Foreign Affairs (MFA) spokesperson said that Volt Typhoon is not related to China's government, but that it is part of a criminal ransomware group.
In a statement, China's Embassy in Washington, D.C. referenced the MFA spokesperson's comment, saying, "Some in the U.S. have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the U.S. to be the victim while it's the other way around, politicizing cybersecurity issues."
According to Wray, the hackers a part of this Volt Typhoon operate a series of botnets, which are constellations of compromised personal computers and servers around the world and use them to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies have previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google.
At the summit, Wray said, "The PRC (People's Republic of China) has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate the world stage." He said that the cyber burrowing by the Chinese Communist Party stems from its "aspirations to wealth and power."
Wray suggested that China is interested in having countermeasures in place for a "crisis between China and Taiwan by 2027." He said, "The fact is, the PRC's targeting of our critical infrastructure is both broad and unrelenting. it's using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing."
He added, "When one victim company set up a honeypot, essentially a trap designed to look like a legitimate part of a computer network with decoy documents, it took the hackers all of 15 minutes to steal data related to the control and monitoring systems, while ignoring financial and business-related information, which suggests their goals were even more sinister than stealing a leg up economically." To combat China's cyber infiltration schemes, top law enforcement, military, and intelligence agencies are collaborating to uncover and thwart those attacks.
He said, "We've seen the best outcomes in situations where a company made a habit of reaching out to their local FBI field office even before there was any indication of a problem because that put everyone on the same page and contributed to the company's readiness."
He encouraged private sector organizations to keep an eye on their "hardware and supply chains" to avoid potential compromise, such as the Solar Winds hack that used "innocuous-looking software updates" as a vector. He said in a statement, "Vetting your vendors, their security practices, and knowing who's building the hardware and software you're granting access to your network is crucial, so push for transparency into what vendors and suppliers are doing with your data and how they will maintain it."
During a House Select Committee on China hearing earlier in the year, Wray issued a similar warning to lawmakers. He has warned that Chinese-led hackers have their sights on the electrical grid, oil and natural gas pipelines, transportation systems, American water treatment plants, and more.
For corrections or revisions, click here.
The opinions reflected in this article are not necessarily the opinions of LET
Comments
2024-04-20T10:32-0400 | Comment by: Mark
And yet the FBI is more concerned with prosecuting people who protested on January 6th rather than throw all their resources at the real enemy, China. Disgusting.
2024-04-20T10:33-0400 | Comment by: Mark
And yet the FBI is more concerned with prosecuting people who protested on January 6th rather than throw all their resources at the real enemy, China. Disgusting.
2024-04-20T10:33-0400 | Comment by: Mark
And yet the FBI is more concerned with prosecuting people who protested on January 6th rather than throw all their resources at the real enemy, China. Disgusting.
2024-04-20T10:33-0400 | Comment by: Mark
And yet the FBI is more concerned with prosecuting people who protested on January 6th rather than throw all their resources at the real enemy, China. Disgusting.
2024-04-20T17:23-0400 | Comment by: Ken
If the Republicans had any brains or smarts they would connect the dots and start making a loud noise about Mayorkas letting in a ton of illegal Chinese men of military age and known to be affiliated with the CCP with no restrictions and who also pose a significant physical threat alongside with the cyber crooks to wreak enormous damage to this Nation. Biden needs to be ut on notice and the Republicans need to make this known loud, frequently and clear
2024-04-20T18:01-0400 | Comment by: Jerome
Christopher Wray is just as guilty of the illegal immigration as Mayorkas is guilty. Add to that list Meredith Garland and you have the Biden rat squad that is not doing anything to stop this problem.
2024-04-21T04:02-0400 | Comment by: Richard
From: Boente, Dana (DO) (FBI) <DBoente@fbi.gov> Sent: Tuesday November 12, 2019 10:57 AM To: Richard C. Curtiss <curtissway@gmail.com> Subject: RE: Response: Mr. Curtiss, I have not received any prior correspondence from you. If you are requesting an investigation, you should contact the nearest field office or the FBI tip line (https://tips.fbi.gov/contact). From: Page, Lisa C. (OGC) (FBI) Sent: Wednesday, December 20, 2017 5:15 AM To: Richard C Curtiss Subject: Automatic reply: FBI Director Christopher Wray: I will be out of the office from Tuesday, December 19th through Thursday, December 28th. I do not expect to have access to this email during that time. If your matter is urgent, please call 202-324-6810. Thank you Lisa Page From: Select_Clerks <Select_Clerks@mail.house.gov> Sent: Friday, December 10, 2021 10:00 AM To: RICHARD C. CURTISS <curtissway@gmail.com> Cc: Select_Clerks <Select_Clerks@mail.house.gov> Subject: RE: House Select Committee to Investigate the January 6, 2021 Attack on the US Capitol: Mr. Curtiss, The Select Committee is in receipt of the information you provided. At this time the Select Committee does not anticipate requiring your testimony. If that were to change, we will notify you. Thank you
2024-04-21T10:21-0400 | Comment by: Kent
Chinese hackers? With or without the help of the FBI???
2024-04-21T10:21-0400 | Comment by: Kent
Chinese hackers? With or without the help of the FBI???
2024-04-21T10:54-0400 | Comment by: Randall
Our government is either incompetent, or complicit.
2024-04-21T22:27-0400 | Comment by: Mortimer
This IDIOT should have thought of that when he said NOTHING about our wide open borders......THAT ARE STILL WIDE OPEN!! And our IDIOT dems are accomplices to it all. YOU GET WHAT YOU VOTE FOR PEOPLE.....BUT YOU KEEP VOTING DEMOCRAT!!!
2024-04-21T23:43-0400 | Comment by: Carlton
He can go and report it to the World Economic Forum . He is a frequent visitor of theirs .
2024-04-21T23:46-0400 | Comment by: Carlton
He can go and report it to the World Economic Forum . He is a frequent visitor of theirs .