Hackers associated with China’s People’s Liberation Army have breached the computer systems of several dozen “critical entities” over the past year, according to The Washington Post (subscription).
What’s going on: The intrusions—which include hacks into “at least one oil and gas pipeline,” a large West Coast port and a Hawaii water utility—“are part of a broader effort to develop ways to sow panic and chaos or snarl logistics in the event of a U.S.–China conflict in the Pacific,” U.S. officials and security experts told the Post.
- Bad actors also attempted to gain entry to the Texas power grid last summer.
Why it’s important: The targeting of logistics centers and Hawaii, home to the U.S. Navy’s Pacific Fleet, would suggest that the Chinese military intends to complicate U.S. aid to Taiwan in the event of a conflict between Taiwan and China.
- “These previously undisclosed details help fill out a picture of a cyber campaign dubbed Volt Typhoon, first detected about a year ago by the U.S. government,” the Post reports.
- The information comes less than a month after the U.S. and China agreed to restore communication channels.
Sleeper strategy: China’s hackers are seeking undetectable ways to infiltrate U.S. systems, security expert Joe McReynolds told the newspaper.
- “You’re trying to build tunnels into your enemies’ infrastructure that you can later use to attack,” he said. “Until then, you lie in wait, carry out reconnaissance, figure out if you can move into industrial control systems or more critical companies or targets upstream. And one day, if you get the order from on high, you switch from reconnaissance to attack.”
What’s being done: “The U.S. government has long sought to improve coordination with the private sector, which owns most of the nation’s critical infrastructure, and with tech companies that can detect cyberthreats.”
- In 2021, the Biden administration unveiled the first oil-and-gas-pipeline cyber regulations, and in March, the Environmental Protection Agency said it would require states to report cyberthreats detected in audits of their water systems.
Words of warning: “China ‘is sitting on a stockpile of strategic’ vulnerabilities, or undisclosed security flaws it can use in stealthy attacks, [National Security Agency Cybersecurity Collaboration Center Director Morgan] Adamski said last month at the CyberWarCon conference in Washington. ‘This is a fight for our critical infrastructure. We have to make it harder for them.’”