Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
China United States

FBI Says Chinese Hackers Preparing To Attack US Infrastructure (reuters.com) 116

schwit1 shares a report from Reuters: Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting "for just the right moment to deal a devastating blow," FBI Director Christopher Wray said on Thursday. An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University.

China is developing the "ability to physically wreak havoc on our critical infrastructure at a time of its choosing," Wray said at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats. "Its plan is to land low blows against civilian infrastructure to try to induce panic." Wray said it was difficult to determine the intent of this cyber pre-positioning which was aligned with China's broader intent to deter the U.S. from defending Taiwan. [...] Wray said China's hackers operated a series of botnets - constellations of compromised personal computers and servers around the globe - to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google.
China's Embassy in Washington said in a statement: "Some in the US have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the US to be the victim while it's the other way round, and politicizing cybersecurity issues."
This discussion has been archived. No new comments can be posted.

FBI Says Chinese Hackers Preparing To Attack US Infrastructure

Comments Filter:
  • Duh (Score:2, Insightful)

    by gweihir ( 88907 )

    The only reason China has not brought the US economy to a standstill is because so far they did not want to. This is not because Chinese hackers are so great. This is because US infrastructure, industrial and government IT Security is so bad. Not that the rest of the world is much better.

    And why have people been sleeping and ignoring the threat for about a decade now or longer? Simple: Greed. IT Security costs money. Nothing happens to the CEO that rather has a fat bonus than decent IT Security.

    • Re:Duh (Score:5, Insightful)

      by Ritz_Just_Ritz ( 883997 ) on Friday April 19, 2024 @06:35AM (#64407158)

      I think it's because greed trumps their desire to attack their nemesis. Without the US economy end point for their production, their own economic house of cards will quickly collapse.

      • by gweihir ( 88907 )

        Well, it is pretty clear that China would also massively lose in any such scenario. But accidents and political changes do happen and and hence even this "light" form of MAD is simply insane.

        • by Zak3056 ( 69287 )

          Well, it is pretty clear that China would also massively lose in any such scenario.

          Is it?

          I mean, I have no doubt that (barring something like Pearl Harbor) the US military would take the opening rounds of any US-China conventional war, but the but the supply of equipment possessed by the US Navy and US Air Force is relatively small, will attrit fairly quickly, and the relative industrial capacity and resource availability of the US and China today is very much in China's favor. It's doubtful that the US could execute a building program like it did from 1940-1945 (and especially 1942-1944

          • Do you seriously think we're not balls-deep into their infrastructure too?

            • by HBI ( 10338492 )

              That's not the point. The point of all this cyberwarfare shit is to dump a bunch of zero days out at the beginning of hostilities and cripple national infrastructure to hinder preparation in the early stages of war. The presumption, unless our task was to attack China first, is that they're already ready for the fight while we are unprepared, as is likely in any event. After the war is on a few weeks, the cyberwarfare stuff is much less relevant.

          • by HBI ( 10338492 )

            Hypersonic missiles that we have no effective counter for.

            Yeah, that's the big issue now. Who needs regiments of Backfires to wipe out carrier groups when you could literally do it from land now.

            Our ability to project power is minimal now and it shows in our unwillingness to risk those gold plated targets against any kind of hostile actor that would have a chance of taking them out. Why do you think those carriers are nowhere near Iran, Taiwan or Kola? It was actually very risky to expose those carriers

            • by Zak3056 ( 69287 )

              Hypersonic missiles that we have no effective counter for.

              [citation needed]

              Aegis equipped ships have successfully hit ballistic missiles and satellites in testing (and probably under operational conditions as of last weekend), and both of those are, by definition, hypersonic targets. While the US Navy doesn't comment on what weapons a ship might be carrying, it's almost a certainty that all of them have some SM-3s in the magazines at this point.

              Our ability to project power is minimal now and it shows in our unwillingness to risk those gold plated targets against any kind of hostile actor that would have a chance of taking them out.

              The biggest current problem with the carrier groups projecting power is that their air wings have less combat power than

            • Hypersonic missiles that we have no effective counter for.

              False. [ainonline.com]

    • Not everyone is a cybersecurity expert.

      Not all internet-based threats are known.
      When known, the full scope of threats may not be realized.
      When the full scope is known, the budget may not exist to mitigate the threats, particularly in government.
      When the full threat is known, and the budget exists, the mitigation available may effectively eliminate the service under threat.

      Greed is an excuse that is easy, obvious, and - often, but not always - wrong.

      • by gweihir ( 88907 )

        You are just trying to apologizing things that cannot be apologized. A brief look at where attackers got in for the last few years nicely shows how utterly bogus your "argument" (which is basically just FUD) is.

        So, lets see:

        Not everyone is a cybersecurity expert.

        Sure. That is why you _hire_ them. Not everybody is a fire-safety expert either, but do you see buildings burning down left and right?

        When known, the full scope of threats may not be realized.

        So doing nothing is the way to go? Once you actually have hired those experts, that stops. You know, because actual experts keep up with the threat landsc

        • You are just trying to apologizing things that cannot be apologized. A brief look at where attackers got in for the last few years nicely shows how utterly bogus your "argument" (which is basically just FUD) is.

          So, lets see:

          Not everyone is a cybersecurity expert.

          Sure. That is why you _hire_ them. Not everybody is a fire-safety expert either, but do you see buildings burning down left and right?

          Boom! It's too bad there is no Level 10 insightful, because this is right there. Mod this guy up, people!

        • You missed a step. It's kinda important to your argument.

          Not everyone is a cybersecurity expert.

          Sure. That is why you _hire_ them.

          You missed:

          Not all internet-based threats are known.

          When do you hire security experts?
          1) when you create a system.
          2) when you discover you have a problem.

          ... the mitigation available may effectively eliminate the service under threat.

          That is just nonsense. If the service is under threat you either fix it or you stop running it.

          ... exactly what I just said. "Fixing" takes time and money, either of which may be missing, either "until the next budget cycle", or "indefinitely". And with software? It doesn't stay fixed. Never.

          Incidentally, almost everything can be secured. It just costs money and time and may be inconvenient.

          This is perhaps your greatest failing. (And hey, you forgot a bit in there.) You assume that you can secure something, implying that it w

          • When do you create a system? When you start a business. When do you start a business? When you setup a Lemonade stand. Lemonade stands do not generally receive enough income to afford cybersecurity specialists. Generally, the recommendation seems to be to hire one non-security expert per 50 individuals employed. Before 25 employees, a business might not even consult a security expert, and merely rely entirely on Microsoft, their local ISP, and a cheap software vendor which provides a core service.
    • Re:Duh (Score:4, Insightful)

      by Ol Olsoc ( 1175323 ) on Friday April 19, 2024 @08:31AM (#64407414)

      The only reason China has not brought the US economy to a standstill is because so far they did not want to.

      And they don't want to because it would be tantamount to economic suicide.

      • by gweihir ( 88907 )

        Probably. But do they know that? And the more sanctions the US imposes, the less damaging this will be to them.

        • Probably. But do they know that?

          China has for a while, attempted to connect communism to capitalism. So I guess it is what 'ism wins out. If communism, then they've had a case history of shooting themselves in the foot. What is it with communist countries starving their own citizens to death?

      • Good luck having Russia and India as trading partners, without the US!
    • by sinij ( 911942 )

      This is because US infrastructure, industrial and government IT Security is so bad. Not that the rest of the world is much better.

      I hope we won't find out what all out cyber war would look like, because a lot of everything everywhere will stop working. This is likely why governments, including US, implemented emergency country-wide internet disconnects.

      • by gweihir ( 88907 )

        Agreed. But I think those "kill-switches" will be too slow. They are more there to give the politicos an illusion of control.

  • Why are they informing the public and not doing anything about it? I mean they are not supposed to be journalists, just reporting stuff, right?
    • Well maybe this is what they are doing, it's just that they are doing it about something other than the purpoted hacker problem.

      The word you are looking for is psyop.

      • by gtall ( 79522 )

        "The word you are looking for is psyop" Stop watching TV...bad for you, make you believe stupid things are happening and if you only could get the memo, you could point to them.

    • Why are they informing the public and not doing anything about it? I mean they are not supposed to be journalists, just reporting stuff, right?

      It's letting your enemy know you know what they're up to. It makes them wonder where the leak is in their organization.

      Though, in the case of China, they've routinely told everyone their goal is to become number one in the world and will do whatever it takes to get there, so this isn't really newsworthy since everyone knows about it.

    • by gtall ( 79522 ) on Friday April 19, 2024 @06:41AM (#64407164)

      What is it that you want them to do? Barge into company offices and demand they "fix" their infrastructure? Bring court cases against companies under what law precisely?

      Any "fix", seeing as companies and industries won't do it themselves, requires Congress acting. With this lot in Congress, there's no chance of that happening and even if they did, it would necessarily be high level. Even if they outlawed naughty company behavior of not securing their infrastructure, we do not have CyberCorps, able ferret out company infrastructure naughyness. We would have to wait until a company got nailed first before bringing them to court, and then spend the next 5 years litigating if it was a large company.

      • by DarkOx ( 621550 )

        No they should send a nice little not over to the State Department detailing their evidence and what laws the threat actors have already broken. The state department should then recommend the FBI prosecute these individuals and assist them by arranging for extradition if that diplomatically makes sense. In other cases the State Department should hand the information off to the CIA or DoD to for them to take some offensive steps toward threat reduction.

        Nobody should have any problems with the DoD or NSA burn

        • No they should send a nice little not over to the State Department detailing their evidence and what laws the threat actors have already broken. The state department should then recommend the FBI prosecute these individuals and assist them by arranging for extradition if that diplomatically makes sense. In other cases the State Department should hand the information off to the CIA or DoD to for them to take some offensive steps toward threat reduction.

          Nobody should have any problems with the DoD or NSA burning down the IT infrastructure of some criminal actor in a hostile jurisdiction. Any more than we have no problem with the Navy routing some pirates.

          That is what a government that was actually trying to do its job for the American people would do.

          The USA and China situation is complicated. The US Supports their economy. China is the number 3 trading partner (after Canada and Mexico) but in matters of imports into the US, they are number 1 by a long shot. China holds about 1 trillion in US debt as well.

          So they squabble like an old married couple that annoy each other. But they know what would happen if they really broke it off. So we have these shots across the bow every so often.

          • by DarkOx ( 621550 )

            Right and as Citizens we should demand this little detente be dissolved or blown up; however painful that might be in the short term because it means total destruction or at least a lot more pain in the long term.

            This entire lets couple our economies so we don't go to war with each other theory is working well. Except that it is working so much better for China. Either we break the co-dependence or this ends with American being culturally consumed by China.

            The current ruling uni-party is a party of nihilis

            • by sjames ( 1099 )

              The next issue is on the American corporate side. More and more people are noticing the ludicrously low prices of things if they buy direct from china and wondering why the same thing made in the same place by the same people costs so much more when bought from a U.S. company.

        • No they should send a nice little not over to the State Department detailing their evidence and what laws the threat actors have already broken.

          How do you know that this hasn't been done?

          In general, however, anti-espionage agencies don't like to "detail their evidence" in public because this will, of course, reveal how they have gathered their evidence, leading the black hats to stop doing those things and hide the leaks showing what they did and who they are.

          The state department should then recommend the FBI prosecute these individuals and assist them by arranging for extradition

          Are you really so brain-dead that you believe that the FBI has the power extradite foreign citizens working in a foreign country for a foreign government, for a US crime that probably isn't ag

          • by DarkOx ( 621550 )

            if that diplomatically makes sense.

            Except all the times when it does because it turns out the ransomeware author was in the UK, etc.

            I did not suggest they detail their evidence in public, I said they should detail it to the State Department. Who may in turn provide it to a cooperative jurisdiction, in other words our allies, who we generally do share intel of that type with.

            In the other case, you hack them back, worry about where they physically later, if at all. Also you destroy the value of their operation even if its harmful short term; because it prevents them from funding the next operation. Database of credit card numbers? PII for millions of healthcare subscribers, whatever; intel should anonymously dump it 4chan and the like, so that it can't be sold, because everyone already has it.

      • by sjames ( 1099 )

        Not barge in, tell the company to fix it or they put out a press release denouncing the company and it's executives by name as a threat to national security.

    • because the NSA, et. al. has no power to tell private industry what to do and then make them do it. So, with reports like this they are warning private industry to step up their game, which they will not do until something bad actually happens to them. At that time, the (then) CEO's will be fired and fall upon their fat golden parachutes, all the while claiming that they did everything possible, but had no credible threats...
  • Fill'em up proper now, ya here?

  • by FudRucker ( 866063 ) on Friday April 19, 2024 @05:32AM (#64407078)
    Instead ofcinvesting in the upkeep in the infrastructure to keep it all in good condition they pocket the profits, Andrew Jackson knew it back in his day too
    Gentleman, I have had men watching you for a long time, and I am convinced that you have used the funds of the bank to speculate in the bread-stuffs of the country. When you won, you divided the profits amongst you, and when you lost, you charged it to the bank. You tell me that if I take the deposits from the bank and annul its charter, I shall ruin ten thousand families. That may be true, gentlemen, but that is your sin! Should I let you go on, you will ruin fifty thousand, and that would be my sin! You are a den of vipers and thieves. I intend to route you out
    • How do you explain the Chinese hack of OPM? Greedy government?

      https://en.wikipedia.org/wiki/... [wikipedia.org]

      • They neglected the security of their computer systems?, instead of keeping it offline and a manager on-site to handle it, instead they go the cheap and convenient way and put it online for remote admins, also any competent hacker can get in and fuck it all up, or is that faked for an excuse to blame it all on instead of their greed & neglect of the system.
        • So corporations are guilty of greed, and the government is guilty of neglect. What a nice, one-dimensional world you live in.
  • This smells like bullshit: the hackers have burrowed (past tense) and are waiting (present). FBI knows and they are doing nothing? What are they waiting for? As soon as the hackers were discovered, their links should have been closed, the vulnerabilities fixed, bot networks disabled.

    • It does sound like BS, until you read the fine print. The hackers have burrowed (past tense) and are waiting (present). However, the hackers are not necessarily waiting for anything that was buried.

      The hackers have burrowed to gain intel. To study our weakness and formulate an effective strategy against us.

      The hackers are waiting, for the right time to strike, using the skills they have developed in the past attempts.

      Modern cyber security isn't always as simple as just closing links and disabling bot
    • Hmmm.. I'd have a hard time dismissing this.

      Anyone who has been running a network over the last 25 or 30 years has seen ongoing probes from (largely) Asia, Russia, and South America. Add in attempts from know proxies, unknown proxies, and r00ted network equipment/servers and you can comfortably make that claim.

      The question of the success of such a nation-destabilizing attack is another thing which hinges on whether they do indeed have control over enough network infrastructure to cause a serious disruption.

    • ...the fbi, by and large, can't tell the owners of said critical infrastructure, to do anything...at least in this country...
  • I find rather hard to understand why critical infrastructure is not on private networks and totally inaccessible from the internet.
    I can't imagine a single reason why having them on the internet at all should be the norm.

    Take the infrastructures off the publicly accessible networks , it's the right response.

    • I can't imagine a single reason why having them on the internet at all should be the norm.

      It's cheaper, of course. There's no other reason.

      • Agreed. Another issue is staffing in things like public water systems - the guy who runs my town's does his best but it's only a part time job for him and he's got 2 other part time jobs.
    • because the puc's won't let them spend...
    • by kackle ( 910159 )
      I used to teach a state-certified class about telemetry/SCADA communication in the water industry. Leased phone lines from the local ("local", as in, "much less hackable") phone company got to be very expensive decades ago. I assume it had something to do with people moving to cellular phones instead. Worse, having less knowledgeable technicians over time meant our customers would wait days for a field repair.

      Local spread spectrum radio use in the ISM band (think "Wi-Fi") is "free" to all, but that mi
  • running down\allowing the infrastructure to decline decay to increase the quarterly bottom line is the ceo's job.
  • If The FBI has such specific information ("23 pipeline operators"), then it should be easy to inform the companies and support them in fixing the problem.

    Honestly, knowing the FBI, this is more likely about justifying their own existence. Ask them to show the evidence, and have a third-party check it out. Won't happen, of course...

    • If The FBI has such specific information ("23 pipeline operators"), then it should be easy to inform the companies and support them in fixing the problem.

      It is not the holes that have already been identified that are the problem. It is the fact that the existence of some holes that have been found implies that a other attack vectors exist that have not been found. The best personnel to find these holes is the cybersecurity teams in charge of the systems being attacked, not the FBI.

      Honestly, knowing the FBI, this is more likely about justifying their own existence. Ask them to show the evidence, and have a third-party check it out.

      You're suggesting that the FBI tell the bad guys how they found what they do, and how they identified the attackers?

      Good idea. Let the bad guys know what the bad guys need to do t

  • There are those who strongly believe that the destruction of the Key bridge in Baltimore was related to some form of Chinese hacking. I can see those people pointing to this article as further proof of their arguments, regardless of direct evidence surfacing or not.
  • But I guess government full well knows this.
  • It's just a token trophy, rather small real-estate-wise to start WW3 over.

    • And it has never been part of the political union known as "The People's Republic of China." If anything, mainland PRC is the 'renegade province' but it's not my fight and it's for the Chinese to settle.
    • They want the photolitho machines. The location is also strategic.

  • Divide your enemy.
    The Rooskies are on the same page.
    Very effective, hard to prove... aaaaand seems to be working.
    Turn up the volume.
  • Maybe it wasn't such a great idea to literally connect every fucking thing to the internet with tissue paper systems that were known to be blatantly insecure?

    No, no, you just go ahead and connect your refrigerator, toaster, coffee machine, and front door lock to the internet for "convenience", safe in the assumption that your government is doing exactly the same thing for critical infrastructure for "reasons" that have more to do with not losing allocated budgets than any actual value.

    • Tech Bros are used to operating in an environment where they can afford to assign security to competent and trained individuals who decrypt communications for intelligence agencies as a hobby (in lieu of solving a "Rubik's cube").

      Meanwhile, you've got Joe Consumer who configured his firewall to secure on IPv4, and hasn't figured out IPv6 yet. That is the guy who is going to be providing I.T. for Mr. Jones when he hooks up his Refrigerator, toaster, coffee machine, and front door lock, to the internet for
  • by davidwr ( 791652 ) on Friday April 19, 2024 @09:33AM (#64407600) Homepage Journal

    If you are a nation-state, it's prudent to assume any unfriendly nation-state is doing whatever it can to prepare for conflict, including laying the groundwork for a future attack that may or may not ever happen.

  • by 0xG ( 712423 ) on Friday April 19, 2024 @10:04AM (#64407674)

    doing the same thing to them. This is obviously war.
    But we're not hearing about it...

    • But we're not hearing about it...

      That would be unreasonably to expect. If you brag about it, the adversary will harden their network, making your life more difficult. The Chinese don't brag about their hacking, too.

  • ...they've been. in there for literally years, maybe decades...
  • That's their job, right? They are warning everyone so that we'll know it's them when they unleash their counterattacks and super secret defenses since they know we can't protect ourselves.
  • ... blows against civilian infrastructure to try to induce panic.

    Then what? This is more of "We're under attack", "We must not allow a bomber/missile gap", "We're the 'good' guys" political/military self-importance.

    In reality, an enemy gets to do this once only, so it's useful as a step in a co-ordinated strategy, nowhere else.

    US culture contains plenty of dishonesty (socialism is evil, capitalism will provide, giving money to rich people helps everybody, State's rights, fight for your country) used to excuse class warfare. Enemy psy-ops can access existing elitism

The opossum is a very sophisticated animal. It doesn't even get up until 5 or 6 PM.

Working...