China positioning malware in US critical infrastructure to prepare for conflict

The U.S. Intelligence community has assessed that China is attempting to pre-position malware on critical U.S. infrastructure to cripple vital assets and systems needed if China invades Taiwan, according to FBI Director Christopher Wray. The malware is being put in place in an attempt to limit America’s ability to aid Taiwan. 

Download the SAN app today to stay up-to-date with Unbiased. Straight Facts™.

Point phone camera here

“We have observed the CCP target multiple critical infrastructure entities, attacks which could potentially jeopardize the physical safety of Americans,” Wray told the House Select Committee on the Chinese Communist Party. 

Wray said the FBI already identified China-backed hackers who gained access to the computer network of a major U.S. transportation hub. Agents informed network operators and helped them fix the vulnerabilities. 

In war, an adversary may seek to destroy bridges and dams, poison water supplies and cut power lines. According to committee Chairman Mike Gallagher, R-Wis., wiping out critical infrastructure can create societal chaos.

“Chinese hackers have put malware in water utilities, oil and gas pipelines, power grids, and other utilities in our Westernmost territories and across the American homeland,” Gallagher said. “There is no economic benefit for these actions. There is no intelligence gathering rationale. The sole purpose is to be ready to destroy American infrastructure, which will inevitably result in mass American casualties.”

Despite the threat, the military’s top general for cyber security assured the committee that America is ready.

“While cyberspace threats have increased, our force to counter these threats are stronger and more capable,” Gen. Paul Nakasone, the commander for United States Cyber Command, said. “USCYBERCOM and NSA are using our capabilities and partnerships to deny the PRC opportunities, frustrate their strategic efforts and systematically eradicate intrusions.”

FBI Director Wray said these threats are why Congress must reauthorize Section 702 of the Foreign Intelligence Surveillance Act, which expires in April. 

Section 702 allows U.S. intelligence officers to spy on foreign persons who are outside of the United States without a warrant.

According to Wray, in the second half of 2023, 97% of the FBI’s raw technical reporting on malicious cyber actors and 93% of the FBI’s reporting on emerging technologies, like AI, came from Section 702 collections.

“Section 702 has been pivotal for the FBI to detect and thwart PRC-backed cyber threat actors attempting to access U.S. critical infrastructure,” Wray said. “The FBI has seen China-based cyber threat actors access a variety of critical infrastructure in the United States. Section 702 allows us to detect these cyber threat actors by monitoring them as they traverse the internet and determining when they access networks within the United States.”

Lawmakers agree that Section 702 should be reformed and renewed. However, they have been unable to reach a compromise on how to make those reforms to prevent abuse without hindering the intelligence community’s ability to collect important national security information. 

FISA abuse includes “backdoor searches.” According to the Electronic Privacy Information Center, that’s when communications are collected in a way that is expected to collect an American’s information along with the main target’s, rather than collecting that citizen’s information incidentally.

According to the Brennan Center, the improper searches over the years have included elected officials, protestors and political activists groups.