FBI Director Wray Sounds Alarm Over CCP’s Cyber Threat to Critical US Infrastructure

China’s hacking program is more significant than that of every other major nation combined, the FBI director said.Hackers backed by the Chinese Communist Party (CCP) pose a serious threat to the critical infrastructure of the United States, according to the director of the Federal Bureau of Investigation (FBI).During a Feb. 15 speech at the Munich Security Conference (MSC), Christopher Wray said he believes the cyber threat posed by the Chinese regime is “massive” as it continues to attack the economic security, national security, and sovereignty of rule-of-law nations worldwide.“In fact, China-sponsored hackers pre-positioned for potential cyberattacks against U.S. oil and natural gas companies way back in 2011,” he said.“But these days, it’s reached something closer to a fever pitch. What we’re seeing now, is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right,” Mr. Wray added.His comments come on the back of a recent multi-agency operation that eradicated Chinese malware, known as Volt Typhoon, which had been embedded by a group of hackers in critical infrastructure throughout the United States. Intelligence leaders said the hackers focused on oil, gas, water, internet, energy, and transportation infrastructure.The malware was less about collecting intelligence and more about disrupting or damaging the infrastructure, according to intelligence leaders who gave testimony to the Select Committee on the CCP on Jan. 31.China’s Hacking Program Bigger Than Every Other Major NationLawmakers and security officials have been increasingly sounding the alarm over the threat posed by China’s offensive cyber capabilities. A China Transparency Report, published by the conservative think tank Heritage Foundation, classed the CCP as the “greatest existential threat” to the United States in the world today.Related StoriesJen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), has provided stark accounts of China’s pre-emptive placement of malware on critical infrastructure.Mr. Wray says China’s hacking program is more significant than that of every other major nation combined, and its size is only magnified by the use of Artificial Intelligence (AI) built on stolen data and tech.“But the People’s Republic of China (PRC) cyber threat is made even more harmful” by the way the Chinese regime “combines cyber means with traditional espionage and economic espionage, foreign malign influence, election interference, and transnational repression,” Mr. Wray said.“In other words, the CCP is throwing its whole government at undermining the security of the rule-of-law world, it’s hitting us indiscriminately, like in the so-called ‘Hafnium’ Microsoft Exchange hack, where the PRC compromised managed service providers, hitting tens of thousands of victims.”In March 2021, tens of thousands of organizations worldwide discovered that their corporate servers, emails, calendars, and other software systems had been compromised by a group of Chinese hackers. Initially, the attack was attributed to a group known as “Hafnium.” After months of investigation, the UK’s National Cyber Security Centre concluded it was “highly likely that Hafnium is associated with the Chinese state.”“China-sponsored hackers known as Volt Typhoon were hiding inside our networks, lying in wait for the moment China might choose to use their access to hurt American civilians,” Mr. Wray said.“And while many of you may have seen the Volt Typhoon story as one about the PRC targeting the United States, in fact, their targets spanned the globe, which shouldn’t be surprising, because in hack after hack, for years, we’ve seen the PRC hitting our partners around the world.”The FBI director believes the best way to combat the growing CCP threat is by “rule-of-law nations united against criminality and abuse.”“I know there are some representatives of the CCP walking around town. But I don’t mind them knowing we’re onto them,” Mr. Wray said.China Not the Only Threat LurkingThe cyber threat from China is significant; however, Mr. Wray emphasized that it is not the only one. He believes that other adversaries, including Russia, Iran, and North Korea, are becoming increasingly sophisticated and dangerous.“Take, for instance, the 2022 cyberattack by an Iranian-sponsored group on a children’s hospital in the United States, one that showed a callous and, frankly, despicable disregard for the safety of the most vulnerable among us,” he said.“Or consider Russia’s continued targeting of critical infrastructure, including underwater cables and industrial control systems both in the United States and around the world.”Research published by OpenAI, the ChatGPT developer, and Microsoft on Feb. 14, claims state-affiliated hackers from China, Iran, North Korea, and Russia were caught trying to use AI tools to improve their offensive cyber operations.OpenAI and Microsoft said

FBI Director Wray Sounds Alarm Over CCP’s Cyber Threat to Critical US Infrastructure

.

China’s hacking program is more significant than that of every other major nation combined, the FBI director said.

Hackers backed by the Chinese Communist Party (CCP) pose a serious threat to the critical infrastructure of the United States, according to the director of the Federal Bureau of Investigation (FBI).

During a Feb. 15 speech at the Munich Security Conference (MSC), Christopher Wray said he believes the cyber threat posed by the Chinese regime is “massive” as it continues to attack the economic security, national security, and sovereignty of rule-of-law nations worldwide.

“In fact, China-sponsored hackers pre-positioned for potential cyberattacks against U.S. oil and natural gas companies way back in 2011,” he said.

“But these days, it’s reached something closer to a fever pitch. What we’re seeing now, is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right,” Mr. Wray added.

His comments come on the back of a recent multi-agency operation that eradicated Chinese malware, known as Volt Typhoon, which had been embedded by a group of hackers in critical infrastructure throughout the United States. Intelligence leaders said the hackers focused on oil, gas, water, internet, energy, and transportation infrastructure.
The malware was less about collecting intelligence and more about disrupting or damaging the infrastructure, according to intelligence leaders who gave testimony to the Select Committee on the CCP on Jan. 31.
.

China’s Hacking Program Bigger Than Every Other Major Nation

Lawmakers and security officials have been increasingly sounding the alarm over the threat posed by China’s offensive cyber capabilities. A China Transparency Report, published by the conservative think tank Heritage Foundation, classed the CCP as the “greatest existential threat” to the United States in the world today.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), has provided stark accounts of China’s pre-emptive placement of malware on critical infrastructure.

Mr. Wray says China’s hacking program is more significant than that of every other major nation combined, and its size is only magnified by the use of Artificial Intelligence (AI) built on stolen data and tech.

“But the People’s Republic of China (PRC) cyber threat is made even more harmful” by the way the Chinese regime “combines cyber means with traditional espionage and economic espionage, foreign malign influence, election interference, and transnational repression,” Mr. Wray said.

“In other words, the CCP is throwing its whole government at undermining the security of the rule-of-law world, it’s hitting us indiscriminately, like in the so-called ‘Hafnium’ Microsoft Exchange hack, where the PRC compromised managed service providers, hitting tens of thousands of victims.”

In March 2021, tens of thousands of organizations worldwide discovered that their corporate servers, emails, calendars, and other software systems had been compromised by a group of Chinese hackers. Initially, the attack was attributed to a group known as “Hafnium.” After months of investigation, the UK’s National Cyber Security Centre concluded it was “highly likely that Hafnium is associated with the Chinese state.”

“China-sponsored hackers known as Volt Typhoon were hiding inside our networks, lying in wait for the moment China might choose to use their access to hurt American civilians,” Mr. Wray said.

“And while many of you may have seen the Volt Typhoon story as one about the PRC targeting the United States, in fact, their targets spanned the globe, which shouldn’t be surprising, because in hack after hack, for years, we’ve seen the PRC hitting our partners around the world.”

The FBI director believes the best way to combat the growing CCP threat is by “rule-of-law nations united against criminality and abuse.”

“I know there are some representatives of the CCP walking around town. But I don’t mind them knowing we’re onto them,” Mr. Wray said.

.

China Not the Only Threat Lurking

The cyber threat from China is significant; however, Mr. Wray emphasized that it is not the only one. He believes that other adversaries, including Russia, Iran, and North Korea, are becoming increasingly sophisticated and dangerous.

“Take, for instance, the 2022 cyberattack by an Iranian-sponsored group on a children’s hospital in the United States, one that showed a callous and, frankly, despicable disregard for the safety of the most vulnerable among us,” he said.

“Or consider Russia’s continued targeting of critical infrastructure, including underwater cables and industrial control systems both in the United States and around the world.”

Research published by OpenAI, the ChatGPT developer, and Microsoft on Feb. 14, claims state-affiliated hackers from China, Iran, North Korea, and Russia were caught trying to use AI tools to improve their offensive cyber operations.

OpenAI and Microsoft said they had to deactivate generative AI accounts associated with five state-affiliated groups: Charcoal Typhoon and Salmon Typhoon from China, Forest Blizzard from Russia, Emerald Sleet from North Korea, and Crimson Sandstorm from Iran.

North Korea has also been linked to the theft of billions in crypto over the past five years. North Korean hackers have been responsible for over 20% of all crypto thefts, with their cyberattacks classed as ten times larger than those made by other bad actors in the space, according to a report last August.

.