WASHINGTON, D.C. – The Director of the Federal Bureau of Investigation issued a stark warning this week about an advanced Chinese hacking campaign that has successfully infiltrated American companies operating critical infrastructure like telecommunications, energy, and water utilities. The hackers have embedded themselves for a potential future cyberattack intended to “physically wreak havoc” and induce panic across the nation, according to Christopher Wray.
Speaking at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats on Thursday, Mr. Wray painted an ominous picture of the cyberthreat known as “Volt Typhoon.” He said the Chinese hackers were biding their time, lying in wait “for just the right moment to deal a devastating blow” by launching crippling attacks on civilian infrastructure systems that could disrupt services Americans rely on daily.
“Its plan is to land low blows against civilian infrastructure to try to induce panic,” the FBI director told the audience of cybersecurity experts and policymakers. The stark assessment underscores the escalating cyber conflict between the United States and China over a range of economic and national security issues.
U.S. officials and private cybersecurity firms have been tracking Volt Typhoon for months and have linked the sophisticated hackers to China’s government, despite Beijing’s denials. A spokesperson for China’s Foreign Ministry this week claimed the group was simply a criminal ransomware gang unconnected to the Communist regime.
“Some in the US have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the US to be the victim while it’s the other way round, and politicizing cybersecurity issues,” said the spokesperson from the Chinese embassy in Washington.
However, Microsoft and Google’s respected threat intelligence teams have reported evidence tying Volt Typhoon to contractors associated with China’s Ministry of State Security, the country’s top espionage agency. Director Wray stated the FBI’s assessment was that the hackers’ activities stem from tensions between the U.S. and China over the issue of Taiwan’s sovereignty.
The ominous cyber warnings from the nation’s top law enforcement official come just months after he testified to Congress in February that the Chinese hacking threat against American critical infrastructure required urgent attention. “There has been far too little public focus on the fact that PRC [People’s Republic of China] hackers are targeting our critical infrastructure,” Mr. Wray told lawmakers at the time.
He cited attempted cyber intrusions into water treatment facilities, electrical grids, oil and gas pipelines, and transportation networks, warning of “the risk that poses to every American.” The FBI director emphasized that the Chinese cyber campaign wasn’t just an economic attack through intellectual property theft and corporate espionage, which has long been a concern. Rather, he said, the hackers are increasingly “targeting our freedoms” by surveilling, coercing and threatening Chinese Americans as well as U.S. residents.
Cybersecurity experts say Volt Typhoon’s infiltration of key U.S. infrastructure systems appears to be the digital equivalent of pre-positioning armed forces in strategic locations ahead of a planned military strike. By gaining persistent access now, the Chinese could launch disruptive or destructive attacks on short notice during any future crisis or conflict.
“They’re getting the cyber beach-heads established,” said John Hultquist, the head of threat intelligence at the cybersecurity firm Mandiant. “They’re getting everything lined up, to be able to storm the beach when the time is right from their perspective.”
While there haven’t been any emergency alerts about imminent threats yet, cybersecurity officials warn that America’s aging industrial control systems regulating power grids, water plants and other utilities are highly vulnerable. Many were designed decades before the internet era with little security against sophisticated nation-state hackers.
“We need to shore up our cyber defenses for our critical systems now, before it’s too late,” said Rob Joyce, the director of cybersecurity at the National Security Agency, in a recent interview. “The risks we face from determined adversaries like China are very real.”
So far, U.S. officials have responded with diplomatic protests, sanctions on Chinese tech firms, and offensive cyber operations to remove entrenched hackers from domestic networks. But as relations deteriorate between the two superpowers on issues like trade, Taiwan and technology rivalry, many fear a future crisis could escalate into a devastating cyber conflict hitting civilian populations.
“Xi Jinping has made it very clear – he does not view cyberattacks on critical infrastructure as off-limits,” warned Wray in his Thursday speech. “We cannot afford to be caught unprepared.”
