Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
United States

FBI Warns Chinese Malware Could Threaten Critical US Infrastructure (ft.com) 78

The FBI is "laser focused" on Chinese efforts to insert malicious software code into computer networks in ways that could disrupt critical US infrastructure, according to the agency's director Christopher Wray. From a report: Wray said he was acutely concerned about "pre-positioning" of malware. He said the US recently disrupted a Chinese hacking network known as Volt Typhoon that targeted American infrastructure including the electricity grid and water supply, and other targets around the world. "We're laser focused on this as a real threat and we're working with a lot of partners to try to identify it, anticipate it and disrupt it," Wray said on Sunday after attending the Munich Security Conference.

"I'm sober and clear minded about what we're up against...We're always going to have to be kind of on the balls of our feet." Wray said Volt Typhoon was just the tip of the iceberg and was one of many such efforts by the Chinese government. The US has been tracking Chinese pre-positioning operations for well over a decade, but Wray told the security conference that they had reached "fever pitch." He said China was increasingly inserting "offensive weapons within our critical infrastructure poised to attack whenever Beijing decides the time is right."

His comments are the latest FBI effort to raise awareness about Chinese espionage that ranges from traditional spying and intellectual property theft to hacking designed to prepare for possible future conflict. Last October, Wray and his counterparts from the Five Eyes intelligence-sharing network that includes the US, UK, Canada, Australia and New Zealand held their first public meeting in an effort to focus the spotlight on Chinese espionage. Wray said the US campaign was having an impact and that people were increasingly attuned to the threat, particularly compared with several years ago when he sometimes met scepticism.

This discussion has been archived. No new comments can be posted.

FBI Warns Chinese Malware Could Threaten Critical US Infrastructure

Comments Filter:
  • Weird how... (Score:5, Insightful)

    by Scutter ( 18425 ) on Monday February 19, 2024 @09:13AM (#64251106) Journal

    Weird how this isn't considered an act of war.

    • Re:Weird how... (Score:5, Interesting)

      by Eunomion ( 8640039 ) on Monday February 19, 2024 @09:22AM (#64251124)
      Electronic intrusion is considered espionage rather than war, and the positioning of sleeper malware would be akin to a clandestine force posture. The latter can be interpreted as aggression (e.g., Soviet missiles in Cuba), but it's far better to confront it on equal terms (counterintel, flipping the malware against them, etc.) or, if openly, through diplomatic means.
      • Re: (Score:2, Funny)

        by DarkOx ( 621550 )

        its absolutely an act of war. When it was attacks on companies (even strategically important ones) churning out widgets; I think one could argue there was cause for some restraint:
        1) We get a chance to observe their methods and capabilities
        2) other diplomatic missions could continue
        3) the costs vs the economic opportunity of trade make it acceptable.

        However once they started attacking the State itself and infrastructural things like power and water systems that could get people killed, that should have bee

        • Re:Weird how... (Score:4, Interesting)

          by Eunomion ( 8640039 ) on Monday February 19, 2024 @10:47AM (#64251400)
          It would be an act of war to attack infrastructure. However, it's not (necessarily) an act of war to clandestinely create the capability to wage such attacks. The analogy, as I mentioned, is force posture. An adversary can adopt an aggressive posture that justifies some measure of equivalent reaction, but cases where a posture alone justifies action are few and far between.

          US policy toward electronic warfare has consistently kept it in the grey area, and we have sometimes found it convenient to use that to our advantage (e.g., Stuxnet).

          And bringing up the traitor Donald Trump in a discussion about US national security makes me think you're probably saying this crap from somewhere with a lot of Z's, K's, and backwards R's on the signs.
          • Hey now, Poland has a lot of Z's and K's on their signs. Not so many Ð's, but then again Russia wouldn't have any Z's either.
          • However, it's not (necessarily) an act of war to clandestinely create the capability to wage such attacks.

            On whose soil?

            The only reason that uncovering fifth columnists inside a country doesn't (usually) trigger a war is that it's damned difficult to prove in a free society. You can quote Marx or out of Mao's little red book all you want over here. That's your right. And unless we can find the money trail, there isn't much we can do. If you are motivated by ideology adopted from a commie college professor, that's not even illegal.

            • Militant fifth columnists are relatively rare compared to spies, because governments know that anything they do has the possibility of being discovered at any time. So they play conservatively.

              What the FBI is talking about are capabilities with the potential to be weaponized, not malware specific to actual attacks. It's the "dual use" tactic that has always been a feature of armed peace / cold war. They can, and almost certainly would, use the malware just to spy, but it could go darker than that if a
        • The United States will respond in the time and place and manner of our own choosing. And not be drawn into a war it does not want. This is pretty much warfare and geopolitics 101.

          If you want to produce an exciting action film, then of course pick the more dramatic but improbable route.

          • The United States will respond in the time and place and manner of our own choosing. And not be drawn into a war it does not want. This is pretty much warfare and geopolitics 101.

            If you want to produce an exciting action film, then of course pick the more dramatic but improbable route.

            There are wars the USA doesn't want?? I'm shocked. This is hardly what the experience of the last 70 years tells us. The USA has hardly ever not been at war.

            • Yes, we don't want nuclear war. We also don't like wars to occur in the continental United States, which explains some of the aggressive "regime change" invasion policies. Both of these aspects explains our reaction during the Cuban Missile Crisis.

              The US is obviously not anti-war. But they do choose the wars they participate in, usually by being the one that initiates them.

              • Yes, we don't want nuclear war. We also don't like wars to occur in the continental United States, which explains some of the aggressive "regime change" invasion policies. Both of these aspects explains our reaction during the Cuban Missile Crisis.

                The US is obviously not anti-war. But they do choose the wars they participate in, usually by being the one that initiates them.

                Seemingly, especially when it involves bombing brown people.

                Despite not wanting a war on their own continent there seems to be a view that Mexico is the USA's back yard and that there should be a military intervention there...

                Theres also China which, despite being many of the USA's allies main trading partner, the USA is desperately trying to provoke a war with.

                • Despite not wanting a war on their own continent there seems to be a view that Mexico is the USA's back yard and that there should be a military intervention there...

                  Mexico is a tiny country and Central Mexico is difficult to attack. As most of it on mountains and not near the ocean, and self-sufficient for food. And there is almost no naval advantage to occupying Mexico's coast, so why do it?

                  The real end game is for the US to create a second class that has no basic human rights and use them as labor. So mission accomplished there

                  Theres also China which, despite being many of the USA's allies main trading partner, the USA is desperately trying to provoke a war with.

                  Provoking a war is not the same as a nuclear war. Pushing China or Russia or India to an existential crisis would be how we could trigger a nu

        • by AmiMoJo ( 196126 )

          If hacking is an act of war, the consider that the US and UK hacked EU countries. The US has been accused of hacking Chinese companies too, and I'm sure the UK helped out.

          Then there was the infamous US hack on Iranian centrifuges, which are part of their nuclear power/weapons programme. Was that an act of war? Nuclear power is infrastructure.

          Meanwhile, Israel is actually bombing other countries right now. Lebanon, and they previously bombed Iranian infrastructure, unprovoked.

          The reality is, very little is c

    • Weird how this isn't considered an act of war.

      All depends on how you want to treat Weapons of Mass Distraction.

      The FBI is under major scrutiny for highly questionable behavior over the last few years. What they are “laser focused” on, is making sure there are plenty of nameless, faceless “threats” to suddenly talk about and address with “urgency”, because otherwise taxpayers might become a bit too focused on internal corruption that is the actual threat.

      Weird how more can’t see that. Same reason we have two p

    • by gosso920 ( 6330142 ) on Monday February 19, 2024 @11:57AM (#64251644)
      We have always been at war with Eastasia.
    • by Tablizer ( 95088 )

      US probably does it also.

    • Weird how this isn't considered an act of war.

      And US malware threatens critical Chinese infrastructure. Just grow up.

    • What can they do? Complain when they are doing it themselves to other countries? Biggest public example is the Stuxnet malware they planted int Iranian Nuclear powerplants.
    • by ceoyoyo ( 59147 )

      The same way space starts at 50 miles up, according to the US Air Force. The US did it first and does it best, they make up some convenient rules, and you can like it or be North Korea.

  • "The US has been tracking Chinese pre-positioning operations for well over a decade, but Wray told the security conference that they had reached "fever pitch." He said China was increasingly inserting "offensive weapons within our critical infrastructure poised to attack whenever Beijing decides the time is right." "

    So they've been tracking 'prepositioning' and just leaving the 'offensive weapons' in place for Beijing to... yeah fucking right.

    • ...the chinese have been attacking us for at least two decades, and the ruskies for at least 3...
      • by PPH ( 736903 )

        I miss the days when Russia was trying to frame China [wikipedia.org] with a nuclear attack on the USA.

        I'm not too worried about Russo-Chinese plots to take over the world. Invariably, socialism collapses as soon as total domination appears to be within reach and their internal factions begin in-fighting.

    • What Changed (Score:3, Insightful)

      by geekmux ( 1040042 )

      The change in behavior isn’t due to China.

      The change in behavior is more due to Wray being under the scrutiny spotlight for questionable behavior by the FBI, and “China” is a fitting distraction.

    • "The US has been tracking Chinese pre-positioning operations for well over a decade, but Wray told the security conference that they had reached "fever pitch." He said China was increasingly inserting "offensive weapons within our critical infrastructure poised to attack whenever Beijing decides the time is right." "

      So they've been tracking 'prepositioning' and just leaving the 'offensive weapons' in place for Beijing to... yeah fucking right.

      And so has the US in China. Big deal, you're both as bad as each other.

  • The one of the most common infrastructure elements was suddenly shifted subscription status and the licenses expired?

    No code needed... Just money to to buy the company that sells the infrastructure element.

    In the mean time we're all looking for hackers to attack the code
    It'd cost less than a war and be FAR more devastating.

    Money people would NEVER do anything like this
    Didn't Sun Tzu say be where your enemy isn't?

  • Reminds me of Clue [youtube.com]

    [Prosthelytizer] Repent. The Kingdom of Heaven is at hand.
    [Ms. Scarlett] You ain't just whistlin' Dixie.
    [Prosthelytizer] Armageddon is almost upon us!
    [Professor Plum] I've got news for you: it's already here!
  • by Dusanyu ( 675778 ) on Monday February 19, 2024 @10:24AM (#64251332)
    No idea why key infastructure is on a world faceing network and not localy controlled analoug switching.
    • No idea why key infastructure is on a world faceing network and not localy controlled analoug switching.

      Greeds Remote Work Paradox.

      All remote jobs are unjustified, except those jobs where Greed fired all the humans and replaced them with a remote terminal and some online sensors. Those are perfectly acceptable, because cheaper is always better.

      • Comment removed based on user account deletion
        • no, its just everyone who cant be bothered to come into work is lazy

          Everyone who abuses mass generalizations is a moron.

          There. Now prove which statement is actually less accurate.

    • Money.
    • No idea why key infastructure is on a world faceing network and not localy controlled analoug switching.

      Laziness, convenience, cost, simplicity.

      People do NOT like to think, even when it will benefit them. Sleepwalking.

  • by Opportunist ( 166417 ) on Monday February 19, 2024 @10:38AM (#64251380)

    You buy your hardware from your political enemy and you're wondering whether it is bugged?

    I wonder if the FBI can at least find its own ass with both hands.

  • that our side is doing the same.

  • If China invades Taiwan, lots of shit in all 3 countries will blink out, probably Europe also.

  • This is a threat from China!

    *Invite a bunch of Chinese investment and don't safeguard the public*

    We don't understand why we have all these problems! OOPS! OUR BRAINS FELL OUT!

  • ...can we please stop with the fear mongering? Our infrastructure is much more vulnerable to simply being underfunded and falling apart than it is Chinese hackers.

    Let's not forget that PG&E plead guilty to manslaughter and the Texas grid can't handle cold temperatures. Unless the Chinese are the ones training squirrels, let's not lose focus on the real problem.

  • There's plenty of security practice consulting and campaigns that don't require stooping to racist xenophobia to sell them. That's what Putin, Kim Jon Un, and ransomwhere are for.
  • Certain snide, nasty-minded people are asking whether back in 2021 the Chinese ran a pilot program in Texas that paid off handsomely.

  • .... offensive weapons within our critical infrastructure ...

    As I recall, the USA was caught doing this too, with US-made equipment.

    So, the USA starts a pissing contest (sometimes getting friends to join its side), the other country decides to play meaner and dirtier. This has been happening for decades and across multiple countries. Maybe, there's a lesson there.

  • keeping it offline, keeps it from being hacked. May be inconvenient, but safe.

"All the people are so happy now, their heads are caving in. I'm glad they are a snowman with protective rubber skin" -- They Might Be Giants

Working...