FBI claims China could be set to launch attacks on US infrastructure any day
More attacks on the way, FBI chief warns
Chinese hacking group Volt Typhoon has infested systems used to manage US infrastructure and is now waiting for the opportune moment to strike, FBI Director Christopher Wray has said.
The systems affected are used to control water, energy, and telecommunications, among other sectors. Previous attacks linked to Chinese hacker groups may have been practice attacks intended to create a playbook for an attack on a larger scale.
China has already begun its campaign of election interference and voter influence, and cyber attacks could contribute to China’s overall goal of inducing panic and destabilizing the US.
Chinese government claims no involvement
The Chinese Ministry of Foreign Affairs has said that it bears no relationship with the Volt Typhoon group, and has officially deemed it a criminal ransomware group, but threat research organizations at Microsoft and Google have found evidence linking the group to the Chinese state.
Speaking at the Vanderbilt Summit on Modern Conflict and Emerging Threats, Wray said that the group was working on behalf of China to build up its “ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” and that the group was waiting “for just the right moment to deal a devastating blow.”
Following the election of pro-independence candidate Lai Ching-te as president in the Taiwan elections, China has stepped up its posturing and rhetoric for reunification, with Wray stating that China intends to use its ability to attack critical US infrastructure as a deterrent against US defense of Taiwan.
It's not just US critical infrastructure under threat, as multiple government agencies have recently had emails breached and stolen by Russian hackers abusing a vulnerability in Microsoft’s corporate email accounts.
APT29, also tracked as Midnight Blizzard, has strong links to Russia’s Foreign Intelligence Service and used a sequence of critical Microsoft vulnerabilities to breach the agencies. The agencies have not been named, nor has the extent of the damage been disclosed.
Via Reuters
Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focusing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.