Chinese hackers infiltrating America’s critical infrastructure
“The cyber threat posed by the Chinese government is massive.” That was FBI Director Christopher Wray, speaking at a recent security conference in Munich, warning of new cyberattacks from China. And not just from the outside, which would be bad enough. Mr. Wray singled out the Chinese Communist Party hacking group Volt Typhoon, which the U.S. Cybersecurity and Infrastructure Security Agency notes is lurking in critical infrastructure across our country.

Volt Typhoon has already hacked key sectors including communications, energy and water. It may have the ability to access heating and air conditioning systems to overheat data servers, to cause blackouts by disrupting control rooms that regulate water and electricity, and to manipulate surveillance cameras at some of these facilities.

Since 2021, Volt Typhoon has been exploiting critical infrastructure vulnerabilities by targeting networks protected by Fortinet’s FortiGuard security devices. By proxying traffic through outdated and compromised routers, hackers “live off the land” by remaining undetected while monitoring traffic and escalating their access privileges. In fact, Volt Typhoon persisted in some IT environments for over five years while extracting sensitive information from in-memory data employing tools such as Magnet RAM Capture. The severity of this threat was underscored in December when the Justice Department disrupted a Chinese botnet embedded in older routers, shedding light on the extensive reach of such cyber intrusions.