FBI Director Christopher Wray believes that Chinese hackers are ready to “ wreak havoc » on American infrastructure.
FBI Director Christopher Wray recently warned of the growing threat that Chinese hackers pose to the national and economic security of the United States, already prey to cyberattacks, notably those of the LockBit gang, dismantled in February 2024.
At a summit on modern conflicts and emerging threats at Vanderbilt University, Christopher Wray put forward a worrying figure: according to him, China has 50 hackers for every FBI agent. They are ready to cause damage to sensitive American infrastructure at any time, jeopardizing the stability of the country.
He notably mentioned Volt Typhoon, this hacking campaign which managed to infiltrate many American companies in sectors such as telecommunications, energy, water and other essential sectors.
FBI requests reinforcements, including CIA, to counter immediate and imminent attacks from China
FBI Director Christopher Wray stressed the urgency of the threat from Chinese cyberhackers. He indicated that China counts “ strike low blows against civilian infrastructure in an attempt to cause panic and break America’s will to resist “.
To support his argument and his concern, he recalled
the massive attacks of 2021 that exploited zero-day vulnerabilities in Microsoft Exchange Server, as one of the most prominent examples of China’s indiscriminate cyberattacks. These attacks were carried out by the Hafnium group, supported by China. Fortunately, the FBI obtained a court order to remotely wipe out these thousands of infected systems before the hackers did more damage.
Scalded Cat Fears Cold Water, the FBI has mobilized its own foreign offices in the United States and around the world to be ready to respond to this Chinese threat. The agency works with US Cyber Command, the CIA and foreign law enforcement agencies to disrupt Chinese hacking operations.
The Volt Typhoon threat
The relentless efforts of Chinese cyberhackers to infiltrate and maintain their presence in critical infrastructure are increasing pressure on American organizations. These organizations have been facing Chinese-backed cyberespionage and cybercriminal groups for more than a decade. To support economic initiatives like Made in China 2025 and several other five-year plans, Beijing has for years used cyberattack groups to systematically steal intellectual property and trade secrets from companies in key sectors.
The targets of these attacks are diverse and include organizations in fields such as biotechnology, aviation, artificial intelligence, agriculture and healthcare. Wray highlighted that China is engaged in the largest and most sophisticated theft of intellectual property and expertise in world history.
In recent months, the Volt Typhoon group has been one of the most visible players in what the United States sees as China’s unbridled aggression in cyberspace. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and security service providers have repeatedly reported this year on intrusions by these malicious actors into U.S. critical infrastructure networks and operational technology environments. The goal of these intrusions is to establish a presence on these networks and wait for instructions to launch attacks. Last year, the New York Times revealed that Volt Typhoon had attacked military bases, leading Biden administration officials to acknowledge that the actor’s malware was more widespread on U.S. networks than previously thought.
Source : Dark Reading
1