U.S. foils Chinese cyber intrusion, as FBI warns Beijing threatens critical infrastructure

Director of the Federal Bureau of Investigation Christopher Wray warned a House select committee on Wednesday that Chinese hackers were infiltrating U.S. critical infrastructure systems. File Photo by Bonnie Cash/UPI

Jan. 31 (UPI) -- The United States has disrupted a China-backed malware infestation of hundreds of routers, the Justice Department said Wednesday as the head of the FBI warned Beijing's cyberactors are infiltrating U.S. critical infrastructure in preparation to "wreak havoc and cause real world harm" in the event of conflict erupting between the two countries.

The Chinese Communist Party-backed cyberattack was orchestrated by hackers known as Volt Typhoon, who infected hundreds of U.S. small and home office routers with malware called KV Botnet, which would have enabled China to conceal the origins of future hacking operations targeting U.S. and other foreign targets, including U.S. critical infrastructure.

Under a December court-authorized operation, the U.S. government deleted the KV Botnet malware from the routers and took additional steps to sever their connection, the Justice Department explained Wednesday.

"This operation disrupted the efforts of PRC state-sponsored hackers to gain access to U.S. critical infrastructure that the PRC would be able to leverage during a future crisis," Assistant Attorney General Matthew G. Olsen of the Justice Department's National Security Division said in a statement.

U.S. officials said the vast majority of the routers were Cisco and NetGear devices that were vulnerable because they had reached their so-called end of life and were no longer supported with security and software updates by their manufacturers.

During a hearing of the House select committee on the CCP held Wednesday, titled "The CCP Cyber Threat to the American Homeland and National Security," FBI Director Christopher Wray explained that the Volt Typhoon malware had enabled China to hide its operational reconnaissance and network exploitation of America's critical infrastructure, including the communications, energy, transportation and water sectors.

Wray said it was a step Beijing was taking "to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous."

"China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real world harm to American citizens and communities if and when China decides the time has come to strike," he said. He later added that "cyber threats to our critical infrastructure represent real world threats to our physical safety."

Wray explained that China is not focused only on political and military targets: the FBI is seeing its hackers position themselves in civilian infrastructure in order to deal out "low blows" against civilians. He added that China's assaults are not only in preparation for conflict, as its hackers are actively attacking the United States daily.

He also warned that while the operation announced Wednesday was an "important step," the size of China's hacking operations requires further investing in the United States' own capabilities.

"To quantify what we're up against, the PRC has a bigger hacking program than that of every major nation combined," he said. "In fact, if you took every single one of the FBI cyber agents and intelligence analysts and focused them exclusively on the China threat, China's hackers would still outnumber FBI cyber personnel by at least 50 to 1."
