U.S warns of Chinese cyberattacks
The U.S. State Department has warned that China is capable of launching cyberattacks against critical infrastructure, including oil and gas pipelines and rail systems.
“The U.S. intelligence community assesses that China almost certainly is capable of launching cyberattacks that could disrupt critical infrastructure services within the United States, including against oil and gas pipelines and rail systems,” State Department spokesperson Matthew Miller said in a press briefing.
“It’s vital for government and network defenders in the public to stay vigilant.”
The warning came after researchers discovered a Chinese hacking group had been spying on such networks.
A multi-nation alert issued revealed the Chinese cyber-espionage campaign had been aimed at military and government targets in the United States.
The Chinese government has rejected assertions that its spies are going after Western targets, calling the warning issued by the United States and its allies a “collective disinformation campaign.”
U.S. officials said they were still in the process of getting their arms around the threat.
“We’ve had at least one location that we didn’t know about since the hunt guide was released come forward with data and information,” Rob Joyce, the U.S. National Security Agency’s (NSA) cybersecurity director, said.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) separately said it was working to understand “the breadth of potential intrusions and associated impacts.” CISA’s executive assistant director, Eric Goldstein, told reporters.
Researchers and officials say part of the challenge in defending against this espionage work is that it’s more covert than regular spy operations.
“In these cases the adversary is often using legitimate credentials and legitimate network administration tools to gain access to execute their objectives on a target network,” Goldstein said.
Also Read: Nigeria Calls For Regional Partnerships To Tackle Cyber Threats
“Many traditional methods of detection, such as antivirus, will not find these intrusions.”
Microsoft analysts who identified the campaign, which they dubbed Volt Typhoon, said it “could disrupt critical communications infrastructure between the United States and Asia region during future crises” – a nod to escalating U.S.-China tensions over Taiwan and other issues.
Intelligence agencies in the United States, Britain and their close allies issued an alert Wednesday to warn about Volt Typhoon.
U.S. agencies have been pushing for improved cybersecurity practices in its majority-privately held critical infrastructure industry, after the 2021 hack of the key Colonial Pipeline disrupted nearly half of the U.S. East Coast’s fuel supply.
Chinese foreign ministry spokesperson Mao Ning told reporters that the alerts issued by the United States, Britain, Canada, Australia and New Zealand were intended to promote their intelligence alliance – known as the Five Eyes – and it was Washington that was guilty of hacking.
“The United States is the empire of hacking,” Mao said.