The Chinese military is allegedly attempting to infiltrate the United States’ critical infrastructure, including power and water utilities, communications, and transportation systems, US government officials and cybersecurity experts have warned.
This comes weeks after President Biden met with Chinese President Xi Jinping in San Francisco in an effort to put a shaky U.S.-China relationship into a better place, including by resuming military-to-military communication.
According to a report in The Washington Post, hacking groups linked to China's People's Liberation Army (PLA) have penetrated the computer systems of about two dozen critical entities over the past year.
The intrusions are part of a broader effort to build up ways to propagate panic and chaos or snarl logistics in the event of a US-China conflict in the Pacific, US government and industry officials said.
The outlet further said that the services attacked by the Chinese hackers include a water utility in Hawaii, a major West Coast port, and at least one oil and gas pipeline.
The hackers also attempted to break into the operator of Texas’s power grid, which operates independently from electrical systems in the rest of the country, The Washington Post said.
Several other entities attacked by hackers outside the United States include electric utilities. According to U.S. officials, no intrusions affected industrial control systems that operated pumps, pistons, or any critical function or caused a disruption.
The experts said the Chinese military wants the ability to complicate US efforts to ship troops and equipment to the region if a conflict breaks out over Taiwan.
The Washington Post report said that these new details give a complete picture of China's Volt Typhoon cyber campaign, first detected about a year ago by the US government.
“It is very clear that the Chinese attempts to compromise critical infrastructure pre-position themselves to be able to disrupt or destroy that critical infrastructure in the event of a conflict to either prevent the United States from being able to project power into Asia, or to cause societal chaos inside the United States — to affect our decision making around a crisis,” said Brandon Wales, executive director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA).
“That is a significant change from Chinese cyber activity from seven to ten years ago that was focused primarily on political and economic espionage.”
The National Security Agency’s Cybersecurity Collaboration Center director confirmed in an email that Volt Typhoon activity “appears to be focused on targets within the Indo-Pacific region, including Hawaii.”
According to the officials, the hackers often sought to mask their tracks by threading their attacks through innocuous devices such as home or office routers before reaching their victims.
A key goal was to steal employee credentials they could use to return, posing as regular users. However, some of their entry methods have not been determined.
The hackers are looking for a way to get in without being detected, said Joe McReynolds, a China security studies fellow at the Jamestown Foundation, a think tank focused on security issues.
“You’re trying to build tunnels into your enemies' infrastructure that you can later use to attack. Until then you lie in wait, carry out reconnaissance, figure out if you can move into industrial control systems, or more critical companies or targets upstream. And one day, if you get the order from on high, you switch from reconnaissance to attack,” he said.
McReynolds added that Chinese military officers have described in internal documents how they might use cyber tools or “network warfare” in a conflict, as he has seen in some of those writings.
He said military strategists describe synchronizing air and missile strikes with disruption of command and control networks, critical infrastructure, satellite networks, and military logistics systems.
According to people familiar with the matter, the topic of Chinese cyber intrusions into critical infrastructure was on a proposed list of talking points to raise in Biden’s encounter with Xi, but it did not come up in the four-hour meeting.