Skip to main content
Tech

Chinese hackers target US infrastructure with unprecedented persistence

Share

Recent warnings from the National Security Agency (NSA) highlight an ongoing cyber threat posed by the persistence of Chinese hackers. In a cybersecurity advisory issued with other federal agencies, the NSA singled out a Beijing-backed hacker network known as “Volt Typhoon” for targeting and infiltrating American critical infrastructure.

QR code for SAN app download

Download the SAN app today to stay up-to-date with Unbiased. Straight Facts™.

Point phone camera here

“The [advisory] focuses on PRC-sponsored cyber actor, Volt Typhoon, targeting IT networks of communications, energy, transportation, water, and wastewater organizations in the U.S. and its territories,” the NSA said in a statement. “The authoring agencies recognize the reality that the PRC has already compromised these systems. In some cases, the cyber actors have been living inside IT networks for years to pre-position for disruptive or destructive cyberattacks against operational technology in the event of a major crisis or conflict with the United States.”

Chinese hacking groups like Volt Typhoon actively targeted vital sectors of U.S. infrastructure, including electric grid operators, water systems and shipping ports. The groups’ tactics involve gaining and maintaining access to these networks for long periods. Some instances of continuous access lasted up to five years. This prolonged presence provides the hackers with the capability to execute potentially devastating cyberattacks at their discretion. These attacks also threaten the stability and functionality of resources relied upon by everyday Americans.

“If and when China decides the time has come to strike, they’re not focused just on political and military targets,” FBI Director Christopher Wray said. “We can see from where they position themselves across civilian infrastructure, that low blows aren’t just a possibility in the event of a conflict, low blows against civilians are part of China’s plan.”

Despite the gravity of their activities, Volt Typhoon’s methods do not always use cutting-edge technology. Rather, the group relies on persistent hacking attempts, exploiting vulnerabilities that may be accessible to relatively-skilled hackers, not just experts.

The vulnerability of U.S. infrastructure cybersecurity is made worse by its fragmented and decentralized nature.

Several entities and individuals are responsible for operating different components of critical infrastructure. Therefore, coordination efforts to combat cyber threats are often insufficient. This fragmentation is particularly evident in sectors such as the water system where 150,000 individual, independently-managed operations make up the system. This is a trend found across all 16 critical infrastructure sectors in the country.

In response to these ongoing threats, federal agencies are urging infrastructure operators to bolster their cybersecurity defenses. Recommendations include implementing multi-factor authentication and conducting regular reviews of network activity logs to detect and prevent unauthorized access.

Tags: , , , , , ,

[JACK AYLMER]

CHINESE HACKERS ARE GOING AFTER AMERICAN PROPERTY.

AND THEY’RE SHOWING NO SIGNS OF STOPPING OR SLOWING DOWN.

THE NATIONAL SECURITY AGENCY HAS SPECIFICALLY WARNED ABOUT A CHINESE HACKING GROUP CALLED VOLT TYPHOON.

THEY’VE BEEN TARGETING U.S. INFRASTRUCTURE, LIKE ELECTRIC GRID OPERATORS, WATER SYSTEMS AND SHIPPING PORTS.

IN SOME CASES, THE HACKERS CAN GET IN AND MAINTAIN ACCESS TO THE NETWORKS FOR AT LEAST FIVE YEARS.

LYING DORMANT UNTIL THEY’RE READY TO STRIKE.

[CHRISTOPHER WRAY]

China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real world harm to American citizens and communities.

[JACK AYLMER]

THIS GIVES VOLT TYPHOON THE ABILITY TO CONDUCT POTENTIALLY DESTRUCTIVE CYBERATTACKS AT WILL.

CRIPPLING THE SERVICES EVERY DAY AMERICANS RELY ON AT A MOMENT’S NOTICE.

[CHRISTOPHER WRAY]

If and when China decides the time has come to strike, they’re not focused just on political and military targets, we can see from where they position themselves across civilian infrastructure, that low blows aren’t just a possibility in the event of a conflict, low blows against civilians are part of China’s plan. -Christopher Wray, FBI Director

[JACK AYLMER]

CHINA ISN’T UTILIZING INCREDIBLY SOPHISTICATED TECHNOLOGY TO DO THIS EITHER.

MANY OF THE TACTICS USED ARE ACTUALLY PRETTY STANDARD FOR A RELATIVELY SKILLED HACKER.

THEY’RE JUST SO PERSISTENT WITH THEIR HACKING ATTEMPTS, THAT EVENTUALLY GROUPS LIKE VOLT TYPHOON ARE ABLE TO GET IN.

THE VULNERABLE STATE OF U.S. INFRASTRUCTURE CYBERSECURITY MAKES THIS PROBLEM EVEN BIGGER.

THE LEVEL OF COORDINATION NEEDED TO COMBAT THESE ATTACKS JUST DOESN’T EXIST.

TAKE THE U.S. WATER SYSTEM FOR EXAMPLE.

IT HAS AT LEAST 150,000 INDIVIDUAL OPERATIONS, EACH RUN BY DIFFERENT ENTITIES AND INDIVIDUALS.

THAT LEVEL OF FRAGMENTATION EXISTS THROUGHOUT ALL 16 CRITICAL INFRASTRUCTURE SECTORS IN THE COUNTRY.

FEDERAL AGENCIES ARE NOW ADVISING OPERATORS ON BEST PRACTICES TO PREVENT THESE CYBERSECURITY BREACHES IN THE FUTURE.

THEY SAY THAT IMPLEMENTING MULTI FACTOR AUTHENTICATION AND REGULARLY REVIEWING NETWORK ACTIVITY LOGS CAN HELP STOP PERSISTENT CHINESE HACKERS FROM GETTING THROUGH.