Christopher A. Wray, director of the Federal Bureau of Investigation, warned Wednesday that China is stepping up a widespread hacking operation aimed at taking down the United States’ power grid, oil pipelines and water systems in the event of a conflict over Taiwan.
Mr. Wray, appearing before a House subcommittee on China, offered a disturbing assessment of the Chinese Communist Party’s efforts. Its intent is to sow confusion, undermine the United States’ will to fight and prevent the US military from deploying resources if the dispute over Taiwan, a major flashpoint between the two superpowers, escalates into war, he added.
Before his testimony, FBI and Justice Department officials revealed that last month, they had obtained a court order authorizing them to access servers infiltrated by Volt Typhoon, a Beijing-run hacking network that has targeted a range of critical infrastructure systems, often penetrating small businesses, contractors or local government networks.
“China’s hackers are embracing US infrastructure, preparing to wreak havoc and damage the real world to American citizens and communities if or when China decides it’s time to strike,” said Mr. Wray, who pushed the committee to increase funding for the bureau.
“Low-level strikes against civilians are part of China’s plan,” he added.
Volt Typhoon hackers compromised hundreds of Cisco and NetGear routers, many of them outdated models no longer supported by manufacturer updates or security patches, in an attempt to embed an army of sleeper cells that would activate in a crisis.
In May, US officials warned businesses, local governments and foreign allies that the group was targeting “networks in vital US sectors” and was likely to use the same techniques against other countries.
The operation was shut down before it affected the “legitimate operations” of infrastructure services, and the Chinese do not appear to have collected “content information” from the routers.
The government is notifying the owners of the equipment, officials said.
Mr. Wray said a major obstacle to countering Chinese hacking operations was the reluctance of small business owners and local governments to notify the FBI of suspicious activity on their networks, which could “prevent the attack from spreading to other areas and other businesses.”
Also Wednesday, the department unsealed indictments against four Chinese nationals. They are accused of conducting a years-long conspiracy to smuggle electronic components from the United States to Iran, in violation of long-standing sanctions and restrictions on the export of military technology to the Islamic Republic.
The suspects, who all live in China, are accused of using front companies to funnel parts that could be used to build drones and ballistic missile systems to Iran from 2007 to at least 2020, according to the indictment in the Federal District Court in Washington.
As a result, a “vast amount” of American technology was diverted to Iran, prosecutors said. They did not specify the potential harm to national security.
In recent months, the FBI and Department of Justice have stepped up their warnings about malicious activity from China, Iran and Russia inside the United States. These include murder-for-hire plots against dissidents, attempts to infiltrate US law enforcement agencies, election interference, intellectual property theft and online breaches like those identified in Wednesday’s hearing by Mr. Wray and cybersecurity officials.
Mr. Wray has for years highlighted the threat from China, describing it as existential.
“It is a threat to our economic security — and by extension our national security,” Mr. Wray said in 2020.
China has often targeted the weakest links in the country’s business and government networks, particularly outdated home-office routers that allow its hackers to hack into more sophisticated computer systems, officials said.
The goal is to “cause social panic” to discourage the United States from supporting Taiwan or confronting Beijing more aggressively on other geopolitical and economic issues, said Jen Easterly, director of the federal Cybersecurity and Infrastructure Security Agency.
Ms. Easterly suggested that officials in Beijing may have been motivated to focus on civilian infrastructure after the 2021 ransomware attack on Colonial Pipeline by a Russian hacking group.
“Imagine that on a massive scale — imagine not one pipeline but many pipelines,” she said. “Telecoms are down and people can’t use their cell phones. People are starting to get sick from contaminated water. Trains derail.”
Beijing has long denied targeting US civilian infrastructure, and top Chinese officials recently told national security adviser Jake Sullivan they would not influence the outcome of the 2024 election by penetrating networks.
American hackers target China’s military and government servers but have historically avoided the kind of infrastructure attacks directed by Beijing, said Gen. Paul M. Nakasone, the outgoing commander of the United States Cyber Command.
“Responsible cyber actors of democracies like ours do not target civilian infrastructure,” he said. “There is no reason for them to be in our water. There is no reason for it to be in our power. This is a decision by an agent to really focus on political goals. We don’t do that.”