Distraction for invasion of Taiwan?: US exposes and sanctions China’s hacker elite

The accusations are immense: Washington accuses Beijing’s secret service of infecting critical US infrastructure with malware for use in the event of war. Now the USA and Great Britain have imposed the first sanctions.

Externally they are trading partners; the heads of state shake hands and talk about competition between economies or systems. Behind this, a huge, dirty cyber conflict is raging. On Monday, the US and Britain indicted seven people from China and imposed sanctions on two of them and on a suspected front company; they are suspected of working for China’s civilian foreign intelligence service. According to the allegations, they and others injected malware into the U.S. defense industry, military bases and civilian infrastructure for years: the power grid, water supply and more.

According to the US Treasury Department, the “Wuhan Xiaoruizhi Science and Technology Company” is a front company of the Ministry of State Security, the most important Chinese secret service. The ministry used it to conduct various cyber operations against the United States. The state-sponsored attacks are “one of the greatest and ongoing threats to the national security of the USA,” said the department, justifying its punitive measures, which now prohibit any business with the company. Beijing condemned the move by the Western allies and called it “baseless accusations.”

Sleeper software is designed to cause chaos

The US secret services see a geopolitical motive behind the cyber attacks from China. Not only civilian infrastructure but also US military bases in the United States and around the world have been infected. According to US warnings, the malware in the infrastructure could have a kind of sleeper function in the event of a war over Taiwan. The operational capability of the US military could have been sabotaged and severely restricted. The front company, as part of the civilian intelligence service, reports directly to the Chinese leadership, according to the US authorities. The service is now the largest actor in cyber attacks. It is unclear how big the threat still is.

In their scenario, the secret services fear that Beijing could activate planted malware and thus trigger chaos among the civilian population, at military bases and along its supply lines. In such a case, Washington would have to worry about restoring its own supplies of electricity, food and water instead of defending an island that is far away from its own country. China repeatedly threatens to conquer and incorporate democratically ruled Taiwan by force of arms. The US is on Taiwan’s side.

The US authorities have been chasing the code in critical infrastructure for more than a year and trying to eradicate it, writes the New York Times. According to the report, the software was partly “hidden deep in the networks” by a state-funded hacker network known, among other names, as “Volt Typhoon”. Months ago, a member of Congress called it “a ticking time bomb.” It is not clear how much malware has already been removed or to what extent it could be used in the event of a conflict.

“Tip of the iceberg”

According to the USA, the attackers penetrated, among other things, systems in Hawaii and the main base of the US Navy in the Pacific. FBI chief Christopher Wray said in February that Chinese cyber attacks on critical U.S. infrastructure are more massive than ever before. Volt Typhoon is “the tip of the iceberg”. Paul Nakasone, head of the National Security Agency (NSA), told Congress that hackers are constantly targeting critical networks. “This is not a temporary threat that we must address. This is persistent.”

In addition to the sanctions, the Justice Department charged seven hackers, including two linked to the Wuhan front company. The US State Department is offering a reward of up to $10 million for information about the men. According to the indictment, the group Advanced Persistent Threat 31 waged a fourteen-year campaign to intimidate critics of the Chinese government around the world. They penetrated the computer systems of US companies, members of government, politicians, candidates and campaign staff.

The attacks by the group and its helpers were diverse. In 2018, for example, hackers sent over 10,000 phishing emails to high-ranking US government officials and their advisers in the White House, the Justice Department and other departments, as well as to senators in more than ten states, where they posed as journalists. It is unclear how many attacks were successful. Before the 2020 US presidential election, hackers also tried unsuccessfully to break into the email accounts of Joe Biden’s campaign.

“This serves as a reminder of how far the Chinese government is willing to go to target and intimidate its critics,” Attorney General Merrick Garland said of the indictment. These included “malicious cyber operations designed to threaten the national security of the United States and its allies.” At a meeting in November, Xi at least gave assurances that Beijing would not use its hackers to interfere in the US election this year. But according to the US secret services, his government is interested in something else anyway.
