Shannon Brandao on LinkedIn: China’s Hackers Keep Targeting US Water and Electricity Supplies

Shannon's excerpt from the article: "Wired [excerpt]: For years Western security officials have warned about the threat of #China collecting data about millions of people and the country’s hackers infiltrating sensitive systems. This week, Federal Bureau of Investigation director Christopher Wray said #hackers affiliated with the Chinese Communist Party are constantly targeting US critical infrastructure, such as water treatment plants, the electrical grid, and oil and gas pipelines. Wray’s testimony, at a House subcommittee on China, came as the #FBI also revealed it removed #malware from hundreds of routers in people’s homes and offices that had been planted by the Chinese hacking group Volt Typhoon.

'China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities,' Wray said in the public appearance. 'Low blows against civilians are part of China’s plan.' The FBI director added that China has a bigger #hacking operation than 'every other major nation combined,' and claimed that if all of the FBI’s cyber-focused agents were assigned to work on issues related to China, they would still be outnumbered 'by at least 50 to 1.'

While concerns about the scale of China’s espionage and cyber operations aren’t new, the US intelligence community has been increasingly vocal and worried about critical infrastructure being targeted by Volt Typhoon and other groups. 'The threat is extremely sophisticated and pervasive,' NSA officials warned in November. In May 2023, Microsoft revealed it had been tracking Volt Typhoon intrusions at communications and transportation infrastructure, among other critical infrastructure, in US states and Guam.

The FBI and DOJ also revealed this week that they remotely removed the KV Botnet malware from hundreds of routers infected by Volt Typhoon. The impacted routers, from #Cisco and #Netgear, were mostly at the end of their life, but were being used as part of wider operations. 'The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors,' Wray said. It isn’t the first time US officials have obtained a court order to remotely wipe devices infected by hackers, but the move is still rare."

#news #geopolitics