FBI director warns Chinese hackers aim to ‘wreak havoc’ on U.S. critical infrastructure – NBC News
FBI Director Christopher Wray warned about the growing threat of Chinese cyberattacks against U.S. electrical grids and other infrastructure during an appearance Wednesday morning before the House Select Committee on the Chinese Communist Party.
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” the excerpts of Wray’s prepared testimony released by the FBI said.
Wray also argued that “there has been far too little public focus” on the fact that Chinese hackers are targeting critical infrastructure in the U.S., such as water treatment plants, electrical grids, oil and natural gas pipelines, and transportation systems, according to the prepared remarks.
“And the risk that poses to every American requires our attention — now,” his prepared testimony said.
As Wray testified, the Justice Department and FBI announced they had disabled a Chinese hacking operation that had infected hundreds of small office and home routers with botnet malware that targeted critical infrastructure.
The DOJ said the hackers, known to the private sector as “Volt Typhoon,” used privately owned small routers that were infected with “KV botnet” malware to conceal further Chinese hacking activities against U.S. and foreign victims.
Wray addressed the malware in his testimony, emphasizing that it targets critical infrastructure in the U.S.
“The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors — steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,” Wray said in his testimony.
The majority of the routers affected by the hackers were vulnerable because they had reached “end of life” status and could no longer be supported by their manufacturer’s security patches or other software updates, the DOJ statement said. The court-authorized operation deleted the malware from the routers and took additional steps to sever their connection with the botnet.
Wray emphasized in the remarks that the “cyber onslaught” of Chinese hackers “goes way beyond prepositioning for future conflict,” saying in the prepared remarks that every day the hackers are “actively attacking” U.S. economic security, engaging in “wholesale theft of our innovation, and our personal and corporate data.”
“And they don’t just hit our security and economy. They target our freedoms, reaching inside our borders, across America, to silence, coerce, and threaten our citizens and residents,” the excerpts said.
Wray’s remarks add to a series of stark warnings he has issued about the Chinese government’s hacking capabilities. In an interview with NBC News in 2022, Wray said he was shocked to learn the scale of Chinese efforts to steal U.S. technology when he became FBI director in 2017, and that the FBI had launched an average of two counterintelligence investigations a day to counter those threats.
China-linked hackers last year breached the email accounts of the State and Commerce departments as well as the U.S. ambassador to China, Nicholas Burns. The federal Cybersecurity and Infrastructure Security Agency said at the time that the targeted intelligence-gathering campaign lasted around a month.
Ken Dilanian is the justice and intelligence correspondent for NBC News, based in Washington.