A version of this story appeared in the daily Threat Status newsletter from The Washington Times.
The heads of the FBI and the Cybersecurity and Infrastructure Security Agency told lawmakers that their agencies have thwarted Chinese government-linked efforts to hack critical U.S. infrastructure, and they warned that Beijing’s infiltration attempts are escalating and poised to induce chaos if left unchecked.
FBI Director Christopher A. Wray and CISA chief Jen Easterly gave the testimony Wednesday to the House Select Committee on the Chinese Communist Party, which focused on Beijing’s efforts to hack into critical U.S. infrastructure such as power grids, bridges, water supply systems, and oil and gas pipelines.
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities if or when China decides the time has come to strike,” Mr. Wray said in his opening testimony. “Today, and literally every day, they’re actively attacking our economic security, engaging in wholesale theft of our innovation and our personal and corporate data.”
Committee Chairman Mike Gallagher, Wisconsin Republican, said China and a community of state-backed hackers have spent 20 years planting malware into the technology that controls infrastructure with the intent of sowing mass chaos, confusion and casualties with the flick of a switch.
“This is the cyberspace equivalent of placing bombs on American bridges, water treatment facilities and power plants,” Mr. Gallagher said.
China’s cyberespionage programs to infiltrate the U.S. are not new, but too little public attention has been given to their efforts, said Mr. Wray, who regularly cites China as the FBI’s top security concern.
China’s hacking operation is more extensive than those of every other U.S. adversary combined, he said, and the community of Chinese cyberoperatives outnumbers the FBI’s cybersecurity agents by a ratio of 50-1.
“The [Chinese Communist Party’s] dangerous actions, China’s multipronged assault on our national security and economic security, make it the defining threat of our generation,” Mr. Wray said.
He said the FBI recently carried out a coordinated operation to identify hundreds of routers operated and taken over by the notorious state-sponsored hacking group Volt Typhoon. Those routers covertly infiltrated U.S. public and private networks and took specific steps to “destroy and degrade” critical infrastructure.
Targets of the hack included naval ports, internet service providers and utilities, authorities said.
Mr. Wray noted that China’s targeting of U.S. infrastructure systems is just one part of a coordinated large-scale effort to undermine America’s economic security. The effort also includes stealing intellectual property from high-tech companies and personal records from millions of U.S. citizens and government employees.
Rep. Raja Krishnamoorthi of Illinois, the top Democrat on the select committee created by the new House Republican majority after the 2022 midterm elections, said China had transformed itself into a “cyber superpower.” He noted that Volt Typhoon hackers had broken into dozens of critical infrastructure points and attempted to breach the Texas power grid.
He said China’s moves were meant to undermine U.S. military readiness and civil functions, with the explicit intent to “shake the enemy’s will to war.”
“Any cyberattack that results in physical damage or loss of life would grant the United States the inherent right to self-defense,” Mr. Krishnamoorthi said. “We need to make sure that we have the capability to respond, and to respond decisively.”
Attack and defense
China’s communist government has denounced the committee’s work and denied it conducts or condones the hacking operations. The Chinese Foreign Ministry said Beijing has been the target of U.S. offensive cyberoperations.
Foreign Ministry spokesman Geng Shuang accused the Biden administration in early January of engaging in double standards when it attacks other nations’ cyberoperations.
A report released by the Chinese cybersecurity monitoring firm 360 Security Group this week said more than 1,200 intrusions from at least 13 foreign sources targeted Chinese industries last year, with a particular focus on education. A Chinese state media account of the study did not identify individual countries suspected in the hacks but said the sources included operations based in North America, South Asia, Southeast Asia and East Asia.
A steady stream of court cases and private investigations suggests China’s cyberoperations are gaining momentum in the U.S.
Software giant Microsoft said last year that an internal investigation found that Chinese hackers with ties to the Beijing government routinely target networks that manage U.S. infrastructure systems.
Ms. Easterly, the CISA director, said Chinese state-sponsored hacking outfits burrow deep. She told lawmakers that her agency recently thwarted threats to aviation, water and other critical public infrastructure systems.
Despite all the efforts by cybersecurity agencies, the technology underpinning many American infrastructure systems is “inherently insecure,” she said.
Ms. Easterly said Chinese hackers have taken advantage of “very basic flaws” in the technology that operates infrastructure. She accused some software developers of eschewing security safeguards to speed up product development and hit the market sooner.
She said CEOs and board members in the private sector will not take the steps needed to better secure technology and infrastructure until they realize that cyberattack risks are also business risks.
“We’ve made it easy on them,” Ms. Easterly said.
Mr. Wray said the Chinese hacking operations specifically target civilian systems with lower security safeguards than those dealing with government functions of national security.
“Low blows against civilians are part of China’s plan,” he said.
• David R. Sands contributed to this story, which is based in part on wire service reports.
• Alex Miller can be reached at amiller@washingtontimes.com.