Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting “for just the right moment to deal a devastating blow,” FBI Director Christopher Wray said on Thursday.
An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University.
China is developing the “ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” Wray said at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats. “Its plan is to land low blows against civilian infrastructure to try to induce panic.”
Wray said it was difficult to determine the intent of this cyber pre-positioning which was aligned with China’s broader intent to deter the U.S. from defending Taiwan.
China claims democratically governed Taiwan as its own territory and has never renounced the use of force to bring the island under its control. Taiwan strongly objects to China’s sovereignty claims and says only the island’s people can decide their future.
Earlier this week, a Chinese Ministry of Foreign Affairs spokesperson said Volt Typhoon was in fact unrelated to China’s government, but is part of a criminal ransomware group.
In a statement, China’s Embassy in Washington referred back to the MFA spokesperson’s comment. “Some in the US have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the US to be the victim while it’s the other way round, and politicizing cybersecurity issues.”
Wray said China’s hackers operated a series of botnets – constellations of compromised personal computers and servers around the globe – to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google.