Wray also urged lawmakers to support investments in US cyber defense, warning that China's hacking power far outweighs America's. “If you took every single one of the FBI’s cyber agents and intelligence analysts and focused them exclusively on the Chinese threat, Chinese hackers would still outnumber FBI cyber personnel by at least fifty to one,” he said.
The hacking campaign attributed to Volt Typhoon was first made public in May, when Microsoft said it had found traces embedded in critical infrastructure on Guam, the closest US territory to Taiwan and home to a large US military presence.
The Washington Post reported in December that victims of the Volt Typhoon malware attacks included water utilities in Hawaii, a major port on the West Coast, and at least one oil and gas pipeline. None of these hacks affected the critical functions of the infrastructure they targeted, but they raised concerns among officials who said they were close to or serving US military operations.
Officials told The Washington Post that future destructive orders could have weakened the US ability to resupply bases in the Pacific.
“This is likely just the tip of the iceberg,” said Jane Easterly, director of the US Cybersecurity and Infrastructure Agency (CISA), who also testified before the House Select Committee on the Chinese Communist Party.
The routers recovered by the FBI were generally older devices in small offices that were no longer maintained with security patches from manufacturers or software providers. When vulnerabilities were discovered, it made them easy prey for hackers who scan the Internet for connected devices.
Volt Typhoon used these routers To conceal international traffic assets and gain access to inside facilities and other targets With malicious code, repeatedly stealing employee login credentials to maintain future access. The hackers also installed so-called backdoors that can be used to access systems.
The FBI sent commands to the compromised Cisco and NetGear routers to remove the malware used to take control of them and prevent reinfection, Justice Department officials said. She applied for a series of four arrest warrants as she found new clusters of infections.
These actions will not be disabled by themselves Back channels or prevents further incursions, said Danny Adamets of Lumen Technologies, who discovered some of the infections last year. But he said routers were the “highway” that hackers used to quickly navigate the Internet.
“We think the actor can still work, but we suspect he won't be able to move as quickly as before,” Adamets said.
Wray's comments were the first public acknowledgment of a large-scale operation to eliminate the intrusions, which were difficult to target because the hackers used advanced techniques and often leveraged legitimate software to move within targeted environments.
Easterly said that US authorities noticed a “very disturbing development.”” From Chinese hacks targeting Critical infrastructure of the United States in recent years.
“A major crisis halfway across the planet could jeopardize the lives of Americans here at home by disrupting our pipelines, cutting off our communications, contaminating our water facilities, and crippling our transportation, all to ensure they can.” “Inciting panic and societal chaos and deterring our ability to muster military force and civilian will,” she testified.
Earlier, the Chinese Foreign Ministry denied any connection between Beijing and the Typhoon Volt. Liu Bingyu, spokesman for the Chinese Embassy in Washington, did not repeat that denial on Wednesday, but described US criticism of other countries' cyber policies as “irresponsible.”
“The Chinese government has been categorical in opposing hacking attacks and misuse of information technology. The United States has the strongest cyber technologies among all countries, but it has used such technologies in hacking and eavesdropping more than others,” he added.
The hearing comes at a time when both Washington and Beijing have sought to reduce friction in the relationship, opening new channels of communication between military officials as well as holding new dialogues on drug control, climate and the economy since President Biden and Chinese President Xi Jinping met. In San Francisco last November.
Last week, US National Security Advisor Jake Sullivan met with Chinese Foreign Minister Wang Yi in Thailand, where they pledged to continue discussions on key issues, including talks on regulating artificial intelligence scheduled for the spring.
Despite those While diplomacy is progressing, relations remain tense as the United States heads toward general elections and candidates [[[[They are working to improve their positions on China policy. Asked about a CNN report that said Beijing had pledged not to interfere in the elections, Wray expressed doubts.
“China has promised a lot of things over the years, so I guess I'll believe it when I see it,” he said.
The hearing is the latest in a series held by the House panel, which was formed early last year and has developed a tough, bipartisan position on what it describes as a serious threat to America in the form of increasing Chinese military, economic and technical aggression.
Mike Gallagher (R-Wis.), the committee's chairman, said Wednesday that the threat posed by recent Chinese hacking operations is “unacceptable.”
“This is the cyberspace equivalent of placing bombs on American bridges, water treatment facilities, and power plants. There is no economic benefit to these actions. There is no pure justification for intelligence gathering. The only purpose is to be prepared to destroy American infrastructure.”“,” He said.
Cadell reported from Washington and Maine from San Francisco. Devlin Barrett and Eva Do contributed to this report.
