A multi-agency operation has eradicated Chinese malware embedded in critical infrastructure throughout the United States.
The Select Committee on the Chinese Communist Party (CCP) heard testimony about the malware on Jan. 31, which intelligence leaders said focused on oil, gas, water, internet, energy, and transportation infrastructure.
“The purpose of the hacking was not to collect intelligence,” said Rep. Raja Krishnamoorthi (D-Ill.), the committee’s ranking Democrat member. “The purpose of the hacking was to install malware that, once activated, would disrupt or damage the infrastructure.”
Mr. Krishnamoorthi added that had the malware been activated by the CCP, it would have physically harmed American citizens and amounted to an act of war.
CCP Planned Attacks ‘Against Civilians’
FBI Director Christopher Wray testified that the CCP’s intrusion into U.S. systems was unique for the extent to which it deliberately targeted civilian systems that would directly pose physical harm to U.S. citizens.“They’re not focused just on political and military targets,” Mr. Wray said.
He said the malware that the operation removed from U.S. systems was designed to directly disrupt, degrade, and destroy U.S. infrastructure, likely in coordination with direct military actions in the event of a conflict between the two nations.
“The Volt Typhoon malware allowed China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, [and] water sectors,” Mr. Wray said.
“Let’s be clear. Cyber threats to our critical infrastructure represent real-world threats to our physical safety.”
Paul Nakasone, director of the National Security Agency, said that finding and countering CCP malware targeting civilians is now the agency’s top priority.
“This is a decision by an actor to actually focus on civilian targets,” he said.
‘Cyber Invasion’
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), said that Volt Typhoon was just one part of an all-out “cyber invasion” by the CCP, which was aimed at overwhelming U.S. systems at a time and place of the regime’s choosing.“This is likely just the tip of the iceberg,” Ms. Easterly said.
“Imagine not one pipeline, but many pipelines disrupted. Telecommunications going down so people can’t use their cell phones. People start getting sick from polluted water. Trains get derailed. Air traffic control systems, and port control systems are malfunctioning.
“This is truly an everything, everywhere, all-at-once scenario.”
Ms. Easterly described the CCP as a “preeminent cyber threat,” saying that the regime seeks to leverage its infiltration of U.S. systems to “crush the American will” and “induce societal panic in their adversary.”
“The threat is not theoretical ... CISA teams have found and eradicated Chinese instructions in multiple critical infrastructure sectors including aviation water energy transportation,” she added.
Similarly, Select Committee Chairman Mike Gallagher (R-Wis.) described the malware as “the cyberspace equivalent of placing bombs on American bridges, water treatment facilities, and power plants.”
“There is no economic benefit for these actions. There is no intelligence-gathering rationale,” he said.
“The sole purpose is to be ready to destroy American infrastructure, which will inevitably result in mass American casualties.”
