• 11/27/2024

US says it dismantled China-backed hacker network that targeted American infrastructure

Hong Kong Free Press

FBI Christopher Wray

US authorities said Wednesday they had dismantled a network of hackers known as Volt Typhoon, which was targeting key American public sector infrastructure like water treatment plants and transportation systems at the behest of China.

close up view of system hacking in a monitor
Photo by Tima Miroshnichenko on Pexels.com

FBI Director Christopher Wray explained the operation in testimony before a congressional committee on US-China competition, and the Justice Department offered more details in a statement.

In May 2023, the United States and its allies had accused Volt Typhoon, described as a “state-sponsored hacking group” backed by China, of infiltrating critical US infrastructure networks — claims rejected by Beijing.

“Just this morning, we announced an operation where we and our partners identified hundreds of routers that had been taken over by the PRC state-sponsored hacking group known as Volt Typhoon,” Wray told lawmakers, referring to China by its official acronym.

“The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation and water sectors.”

Christopher Wray, Director, Federal Bureau of Investigation, USA, speaks in Ransomware: To Pay or Not to Pay at the World Economic Forum Annual Meeting 2023 in Davos-Klosters, Switzerland on January 19 2023. Congress Center - Photo: Michael Calabro/World Economic Forum, via Flickr CC2.0.
Christopher Wray, Director, Federal Bureau of Investigation, USA, speaks in Ransomware: To Pay or Not to Pay at the World Economic Forum Annual Meeting 2023 in Davos-Klosters, Switzerland on January 19 2023. Congress Center – Photo: Michael Calabro/World Economic Forum, via Flickr CC2.0.

Wray accused the hackers of readying to “wreak havoc and cause real-world harm to American citizens and communities.”

“If and when China decides the time has come to strike, they’re not focused just on political or military targets,” he added. “Low blows against civilians are part of China’s plan.”

Assistant Attorney General Matthew Olsen, who works in the Justice Department’s national security division, said access to US infrastructure sought by Volt Typhoon was something China “would be able to leverage during a future crisis.”

The US operation to disrupt the hackers was authorized by a federal court in Texas, the Justice Department said in its statement.

US Assistant Attorney General Matthew Olsen. File photo: Erin Scott/CNAS, via Flickr CC2.0.
US Assistant Attorney General Matthew Olsen. File photo: Erin Scott/CNAS, via Flickr CC2.0.

By taking control of hundreds of routers, which were vulnerable as they were no longer supported by their maker’s security patches or software updates, the hackers sought to disguise the origin of future China-based hacking activities, it said.

The operation succeeded in wiping the malware from the routers, without impacting their legitimate functions or collecting any information, it added, while saying there was no guarantee the routers could not be reinfected.

Asked about the allegations on Thursday, Beijing said the US had “made groundless accusations and smeared China without any evidence”.

“This is extremely irresponsible and purely confuses right and wrong,” foreign ministry spokesperson Wang Wenbin said.

“The US is the origin of and the expert on cyber attacks,” he told a regular press briefing.

Support HKFP  |  Policies & Ethics  |  Error/typo?  |  Contact Us  |  Newsletter  | Transparency & Annual Report | Apps

TRUST PROJECT HKFP
SOPA HKFP
IPI HKFP

Help safeguard press freedom & keep HKFP free for all readers by supporting our team

contribute to hkfp methods
tote bag support

Support press freedom & help us surpass 1,000 monthly Patrons: 100% independent, governed by an ethics code & not-for-profit.

https://hongkongfp.com/2024/02/01/us-says-it-dismantled-china-backed-hacker-network-that-targeted-american-infrastructure/