Hackers backed by the Chinese Communist Party (CCP) pose a serious threat to the critical infrastructure of the United States, according to the director of the Federal Bureau of Investigation (FBI).
“In fact, China-sponsored hackers pre-positioned for potential cyberattacks against U.S. oil and natural gas companies way back in 2011,” he said.
“But these days, it’s reached something closer to a fever pitch. What we’re seeing now, is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right,” Mr. Wray added.
China’s Hacking Program Bigger Than Every Other Major Nation
Lawmakers and security officials have been increasingly sounding the alarm over the threat posed by China’s offensive cyber capabilities. A China Transparency Report, published by the conservative think tank Heritage Foundation, classed the CCP as the “greatest existential threat” to the United States in the world today.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), has provided stark accounts of China’s pre-emptive placement of malware on critical infrastructure.
Mr. Wray says China’s hacking program is more significant than that of every other major nation combined, and its size is only magnified by the use of Artificial Intelligence (AI) built on stolen data and tech.
“But the People’s Republic of China (PRC) cyber threat is made even more harmful” by the way the Chinese regime “combines cyber means with traditional espionage and economic espionage, foreign malign influence, election interference, and transnational repression,” Mr. Wray said.
“In other words, the CCP is throwing its whole government at undermining the security of the rule-of-law world, it’s hitting us indiscriminately, like in the so-called ‘Hafnium’ Microsoft Exchange hack, where the PRC compromised managed service providers, hitting tens of thousands of victims.”
In March 2021, tens of thousands of organizations worldwide discovered that their corporate servers, emails, calendars, and other software systems had been compromised by a group of Chinese hackers. Initially, the attack was attributed to a group known as “Hafnium.” After months of investigation, the UK’s National Cyber Security Centre concluded it was “highly likely that Hafnium is associated with the Chinese state.”
“China-sponsored hackers known as Volt Typhoon were hiding inside our networks, lying in wait for the moment China might choose to use their access to hurt American civilians,” Mr. Wray said.
“And while many of you may have seen the Volt Typhoon story as one about the PRC targeting the United States, in fact, their targets spanned the globe, which shouldn’t be surprising, because in hack after hack, for years, we’ve seen the PRC hitting our partners around the world.”
The FBI director believes the best way to combat the growing CCP threat is by “rule-of-law nations united against criminality and abuse.”
China Not the Only Threat Lurking
The cyber threat from China is significant; however, Mr. Wray emphasized that it is not the only one. He believes that other adversaries, including Russia, Iran, and North Korea, are becoming increasingly sophisticated and dangerous.“Take, for instance, the 2022 cyberattack by an Iranian-sponsored group on a children’s hospital in the United States, one that showed a callous and, frankly, despicable disregard for the safety of the most vulnerable among us,” he said.
“Or consider Russia’s continued targeting of critical infrastructure, including underwater cables and industrial control systems both in the United States and around the world.”
OpenAI and Microsoft said they had to deactivate generative AI accounts associated with five state-affiliated groups: Charcoal Typhoon and Salmon Typhoon from China, Forest Blizzard from Russia, Emerald Sleet from North Korea, and Crimson Sandstorm from Iran.
North Korea has also been linked to the theft of billions in crypto over the past five years. North Korean hackers have been responsible for over 20% of all crypto thefts, with their cyberattacks classed as ten times larger than those made by other bad actors in the space, according to a report last August.
