US says it blocked China cyber-threat but warns hackers can ‘wreak havoc’

FBI says China state-sponsored hackers ramping up efforts to damage electric grid, transport systems, oil pipelines.

Chinese hackers had hijacked a botnet of hundreds of US-based small office and home routers owned by private citizens and companies, according to the FBI [File: Thomas White/Reuters]

United States officials say they dismantled a China-backed hacking operation targeting civilian infrastructure, but the Federal Bureau of Investigation (FBI) warned of future threats if the two superpowers ever go to war.

The Chinese state-sponsored hacking group Volt Typhoon allegedly sought to damage public sector facilities such as water treatment plants, the electric grid, oil and natural gas pipelines and transport systems at the behest of China.

FBI Director Christopher Wray on Wednesday warned that Beijing is positioning itself to disrupt the daily lives of Americans if the US and China ever go to war, as he spoke before the House of Representatives Select Committee on the Chinese Communist Party.

He said there has been far too little public focus on a cyber-threat that affects “every American”.

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” Wray added.

Malware

Chinese hackers had hijacked a botnet of hundreds of US-based small office and home routers owned by private citizens and companies, intent on covering their tracks as they sowed the malware, according to the FBI.

The routers were easy targets as they were no longer supported by their maker’s security patches or software updates. It was but one method used by the hackers to obfuscate their activity.

The hackers had also infiltrated targets through other avenues, including cloud and internet providers, disguising themselves as normal traffic.

Prized targets included water treatment plants, the electrical grid and transport systems across the US.

FBI and Department of Justice officials succeeded in disrupting at least a part of the Volt Typhoon operation after obtaining search-and-seizure orders in a federal court in Houston, Texas, in December.

Latent threat

The US has in the past few years become more aggressive in trying to disrupt and dismantle criminal and state-backed cyber-operations.

Jen Easterly, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said there was too little focus on a cyber-threat that could potentially affect all Americans, inducing “societal panic and chaos” and deterring the nation’s ability to “marshal a sufficient response” in times of crisis.

Wray warned that Beijing-backed hackers aim to pilfer business secrets to advance the Chinese economy and steal personal information for foreign influence campaigns.

“They are doing all those things. They all feed up ultimately into their goal to supplant the US as the world’s greatest superpower,” he said.

Cybersecurity firms, including Microsoft, had already warned in May that state-backed Chinese hackers had been targeting critical infrastructure in preparation for future crises.

Source: Al Jazeera and news agencies