The Chinese military is allegedly attempting to infiltrate the United States’ critical infrastructure, including power and water utilities, communications and transportation systems, US government officers and cybersecurity experts have warned. According to a report in The Washington Post, hacking groups linked to China’s People’s Liberation Army (PLA) have penetrated the computer systems of about two dozen critical entities over the past year.
The intrusions are part of a broader effort to build up ways to propagate panic and chaos or snarl logistics in the event of a US-China conflict in the Pacific, US government and industry officials said. The outlet further said that the services attacked by the Chinese hackers include a water utility in Hawaii, a major West Coast port and at least one oil and gas pipeline.
The hackers also attempted to break into the operator of Texas’s power grid, which operates independently from electrical systems in the rest of the country, The Washington Post said. Several other entities that have been attacked by the hackers outside the United States include electric utilities. According to the US officials, none of the intrusions affected industrial control systems that operate pumps, pistons or any critical function, or caused a disruption.
The experts said the Chinese military wants the ability to complicate US efforts to ship troops and equipment to the region if a conflict breaks out over Taiwan. The Washington Post report said that these new details give a complete picture of China’s Volt Typhoon cyber campaign, first detected about a year ago by the US government.
The director of the National Security Agency’s Cybersecurity Collaboration Center confirmed in an email that Volt Typhoon activity “appears to be focused on targets within the Indo-Pacific region, to include Hawaii.” According to the officials, the hackers often sought to mask their tracks by threading their attacks through innocuous devices such as home or office routers before reaching their victims.
A key goal was to steal employee credentials they could use to return, posing as normal users. But some of their entry methods have not been determined. The hackers are looking for a way to get in and stay in without being detected, said Joe McReynolds, a China security studies fellow at the Jamestown Foundation, a think tank focused on security issues.