The Chinese hackers aimed to “launch a devastating cyber attack,” officials said.
Law enforcement and international organizations announced earlier this week that Chinese hackers had been on U.S. networks for up to five years as part of a cyber operation targeting critical U.S. infrastructure.
“The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) believe that People’s Republic of China (PRC) state-sponsored cyber adversaries have committed We assess that the objective is to infiltrate IT networks. In the event of a major crisis or conflict with the United States, a devastating cyberattack against critical U.S. infrastructure could occur. ” said a warning issued by the agency earlier this week.
Officials said on a call with reporters that years of activity by a state-sponsored cyberattacker that U.S. officials call “Bolt Typhoon” is a way for China to prepare for attacks on U.S. critical infrastructure using malware. He said it was.
CISA Deputy Director Eric Goldstein said the hackers had been on U.S. systems for “up to five years.”
“CISA and its U.S. government partners have confirmed that a group of Chinese state-sponsored cyber attackers has compromised organizations across multiple critical infrastructure sectors of cyberspace, including communications, energy, transportation, water and wastewater, in the United States and its territories. ” said a release on the incident.
Chinese cyber actors aim to “launch destructive cyber attacks that endanger the physical safety of Americans and disrupt military preparedness in the event of a major crisis or conflict with the United States.” The statement said.
Last week, the FBI used a court order to disrupt a hacking operation by Bolt Typhoon officials.
The recommendation builds on testimony last week from CISA Director Jen Easterly and FBI Director Christopher Wray, who both warned that Chinese hackers could disrupt the American way of life.
“The Bolt Typhoon malware allowed China to conceal pre-operational reconnaissance and network exploitation against critical infrastructure in the communications, energy, transportation, and water sectors, among others. They discovered and were preparing to destroy ‘the critical civilian infrastructure that keeps us safe and prosperous,’ Wray told a House committee last week. “And let me be clear: cyber threats to our critical infrastructure represent real-world threats to our physical security.”
In their warnings, the agencies said they were “concerned” about the impact of the cyber operation.
“U.S. copyright management agencies are concerned that these attackers could use their network access to have devastating effects in the event of potential geopolitical tensions or military conflict. ” says the warning issued by the agency. “U.S. authoring agencies assess with high confidence that Volt Typhoon attackers have pre-positioned themselves on her IT network to enable lateral movement to and disrupt functionality of OT assets. doing.”
Easterly said last week that the 2021 Colonial pipeline hack, which temporarily cut off access to the pipeline in parts of the country and caused panic, could happen more widely if China has its way. I was warned that it was sexual.
“We know that what we’ve discovered is just the tip of the iceberg,” Goldstein said.