Armies of hackers linked to the Chinese government are relentlessly “burrowing deep” into the computer systems that help run America’s critical infrastructure, posing an urgent threat that cannot be ignored, according to a new warning from top U.S. security officials.
The officials, from the FBI, the Cybersecurity and Infrastructure Security Agency, and U.S. military’s Cyber Command, testified Wednesday before lawmakers, urging the country to act before it is too late.
“The risk that poses to every American requires our attention — now,” FBI Director Christopher Wray told the Select Committee on the Chinese Communist Party, emphasizing Beijing’s actions are putting innocent civilians in the crosshairs.
“They’re not focused just on political and military targets,” Wray said. “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.”
The director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly, was equally blunt in her assessment of the wide-ranging threat from the government in Beijing.
“This is truly an everything, everywhere, all at once scenario,” she said. “Telecommunications going down so people can’t use their cellphone, people start getting sick from polluted water, trains get derailed, air traffic control systems are malfunctioning.”
China’s goal, Easterly added, would be to “incite societal panic and chaos, and to deter our ability to marshal military might,” especially in case of a conflict over Taiwan.
China rejected the accusations, blaming Washington for fomenting a dangerous and unstable cyber environment.
“The Chinese government has been categorical in opposing hacking attacks and the abuse of information technology,” said Liu Pengyu, spokesperson for the Chinese Embassy in Washington.
“The United States has the strongest cyber technologies of all countries, but has used such technologies in hacking, eavesdropping more than others,” Liu told VOA in an email. “We urge the U.S. side to stop making irresponsible criticism against other countries on the issue of cyber-security.”
But to underscore the threat, the U.S. Justice Department Wednesday announced it had taken steps to disrupt a Chinese-linked cyber threat actor from hijacking common computer routers used by homes and small businesses across the United States to access critical infrastructure.
Watch related video by Patsy Widakuswara:
U.S. officials blamed the scheme on a group known as Volt Typhoon, which gained international attention in May 2023 when tech giant Microsoft uncovered an effort by the same hackers to infiltrate and disrupt communications infrastructure in Guam, home to key U.S. military facilities.
The recently disrupted scheme, officials said, was equally worrisome.
“The Volt Typhoon malware enabled China to hide, among other things, preoperational reconnaissance and network exploitation against critical infrastructure,” Wray warned. “Steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous.”
During Wednesday’s hearing in Washington, other top officials told lawmakers the threat is already widespread, with China-linked hackers having found their way into computer systems helping to run the energy, water, transportation and aviation sectors.
“We’ve made it easy on them,” said CISA’s Easterly. “The truth is the Chinese cyber actors have taken advantage of very basic flaws in our technology.”
Easterly said that the U.S. must do more to adopt what she has called a “secure by design” approach, to make sure both hardware and software developers are conducting more rigorous testing to eliminate vulnerabilities before their products go on the market.
Lawmakers shared in the alarm.
“This is the cyberspace equivalent of placing bombs on American bridges, water treatment facilities and power plants,” said Committee Chairman Mike Gallagher, a Republican.
“There is no economic benefit for these actions. There’s no pure intelligence gathering rationale. The sole purpose is to be ready to destroy American infrastructure,” he added.
Despite the multiple concerns, the outgoing commander of U.S. Cyber Command told lawmakers the threat from Chinese hackers has not gone unanswered.
“We are ready and postured to contest [the People’s Republic of China’s] malicious activities at home and abroad,” said General Paul Nakasone of U.S. Cyber Command.
Nakasone said that was especially true of the upcoming U.S. presidential elections.
“I’m very confident in terms of what we will be able to deliver: a safe and secure election,” he said.
“Americans can be confident in our election system and our democracy,” the FBI’s Wray added, though he cautioned the threats from China — and others — are growing.
“I am also mindful of the fact that our adversaries are getting more sophisticated and that there are more and more foreign adversaries who want to get in on this game,” he said.
Wray also voiced doubts about reports that Chinese government officials have promised the U.S. they will not interfere in the election.
“Well, China’s promised a lot of things over the years, so I guess I’ll believe it when I see it,” he said.
One avenue for election interference of particular concern to lawmakers is the social media network TikTok.
“If the CCP were to want to change TikTok feeds to bias one candidate or another in the upcoming presidential election, would they be able to do so?” asked Democratic Representative Seth Moulton.
Wray replied, “My understanding is that under Chinese law that would be something they are permitted to do.”
When pressed on whether the U.S. should ban TikTok, Wray said such a decision is “outside my lane.”
But he added, “As long as the Chinese government has the ability to control all these aspects of the business, I don’t see how you get your way clear to mitigating those concerns.”
Wednesday’s warnings build on a steady drumbeat of alerts from the U.S. government on the threat China poses in cyberspace.
Earlier this month, the FBI along with the Cybersecurity and Infrastructure Security Agency, or CISA, and the Environmental Protection Agency, or RPA, cautioned cyberattacks were posing “a real and urgent risk to safe drinking water.”
CISA has also warned about threats from Chinese-manufactured drones, warning they could access or steal sensitive information that could put the U.S. security and health and safety at risk.
In September, Nakasone said he expected China to leverage artificial intelligence, also known as AI, to impact the upcoming U.S. presidential elections.
“Russia, China, others are going to try to use this technology,” Nakasone told an audience in Washington.