FBI Director Christopher Wray issued perhaps his starkest warning yet this week about the threat Chinese-backed hackers pose to U.S. national and economic security.
In a lecture at Vanderbilt University, speaking at a summit he hosted on modern conflicts and emerging threats, Wray said Chinese hackers outnumber FBI employees by at least 50 to one and are poised to “wreak havoc” on America's critical infrastructure.
Immediate and imminent threat
Private industry and government officials must view this threat as urgent and implement plans to harden networks and respond to attacks now, the country's leading law enforcement official said.
“[The People’s Republic of China] makes it clear that all sectors of our society think it's fair game to aim for dominance on the world stage,” Wray said, adding, “The plan is to create panic and… It's about inflicting a low blow on civilian infrastructure in order to defeat the American system. There is a will to resist.”
Wray's comments come as U.S. officials and the FBI itself have repeatedly warned in recent months about China's dangerous and systematic targeting of networks and systems belonging to critical infrastructure organizations. Wray and his colleagues have repeatedly explained that they believe the latest intrusion was the result of Chinese hackers systematically preparing in advance for attacks aimed at disrupting communications, energy, water, technology, and other critical infrastructure services if necessary.
Chinese cyberattackers “give the Chinese government the ability to wait for the right moment to deal a devastating blow,” Wray said. He added that China is building capabilities to thwart any attempts by the United States to intervene in the event of a crisis between China and Taiwan.
Multifaceted attack
Continued efforts by Chinese hackers to establish and maintain a presence on critical infrastructure have exposed U.S. organizations to pressure from Chinese-backed cyber espionage and cybercrime groups for more than a decade. To support economic efforts such as Made in China 2025 and multiple separate five-year plans, the Chinese government has long deployed cyber groups to systematically steal intellectual property and trade secrets from companies in key competitive sectors, Wray said.
Targets include organizations in various sectors such as biotechnology, aviation, artificial intelligence, agriculture, and health care. “China is engaged in the largest and most sophisticated theft of intellectual property and expertise in the history of the world,” Wray said. “If you can close your eyes and pull an industry or sector out of a hat, chances are the Chinese government is targeting it.”
In recent months, the Volt Typhoon group has become one of the most visible faces of what the United States sees as China's unchecked aggression in cyberspace. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and security vendors have reported multiple intrusions by the threat actor this year into U.S. critical infrastructure networks and operational technology environments, aimed at gaining a presence on these networks and waiting for instructions to attack. Last year, the New York Times revealed that Volt Typhoon had hit a military base, and concerned Biden administration officials acknowledged that the attacker's malware was more prevalent in U.S. networks than previously thought.
“Scatter” attacks and “indiscriminate” attacks
Wray pointed to a widespread attack in 2021 that exploited a zero-day vulnerability in Microsoft Exchange Server as one of the “most egregious examples” of China's “sporadic and indiscriminate cyberattacks” in recent memory. These attacks involved the Chinese-backed Hafnium group deploying web shells for remote access on thousands of enterprise systems. The FBI later obtained a court order, in an unprecedented move at the time, to remotely remove these web shells from thousands of infected systems before attackers could use them to cause further damage.
In response to the growing threat, Wray said the FBI is mobilizing field offices in the United States and around the world. The agency also works with the U.S. Cyber Command, the CIA, and foreign law enforcement agencies to thwart Chinese hacking operations. Initiatives include going after known hackers, malware developers, and owners of supporting infrastructure such as bulletproof hosting services and money laundering.
Private sector organizations can do their part by working more diligently on cyber defense and response mechanisms and sharing information that can prevent new threats from “metastasizing to other sectors and businesses,” Wray said. “We have seen the best results in situations where companies have a habit of contacting their local FBI field office even before there is any sign of a problem, so that everyone was on the same page, which helped prepare the company.”