
FBI Says Chinese Hackers Preparing To Attack US Infrastructure (reuters.com) 116

schwit1 shares a report from Reuters: Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting "for just the right moment to deal a devastating blow," FBI Director Christopher Wray said on Thursday. An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University.

China is developing the "ability to physically wreak havoc on our critical infrastructure at a time of its choosing," Wray said at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats. "Its plan is to land low blows against civilian infrastructure to try to induce panic." Wray said it was difficult to determine the intent of this cyber pre-positioning which was aligned with China's broader intent to deter the U.S. from defending Taiwan. [...] Wray said China's hackers operated a series of botnets - constellations of compromised personal computers and servers around the globe - to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google.
China's Embassy in Washington said in a statement: "Some in the US have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the US to be the victim while it's the other way round, and politicizing cybersecurity issues."

  • Duh (Score:2, Insightful)

    by gweihir ( 88907 )

    The only reason China has not brought the US economy to a standstill is because so far they did not want to. This is not because Chinese hackers are so great. This is because US infrastructure, industrial and government IT Security is so bad. Not that the rest of the world is much better.

    And why have people been sleeping and ignoring the threat for about a decade now or longer? Simple: Greed. IT Security costs money. Nothing happens to the CEO that rather has a fat bonus than decent IT Security.

    • Re:Duh (Score:5, Insightful)

      by Ritz_Just_Ritz ( 883997 ) on Friday April 19, 2024 @07:35AM (#64407158)

      I think it's because greed trumps their desire to attack their nemesis. Without the US economy end point for their production, their own economic house of cards will quickly collapse.

      • by gweihir ( 88907 )

        Well, it is pretty clear that China would also massively lose in any such scenario. But accidents and political changes do happen and hence even this "light" form of MAD is simply insane.

        • by Zak3056 ( 69287 )

          Well, it is pretty clear that China would also massively lose in any such scenario.

          Is it?

          I mean, I have no doubt that (barring something like Pearl Harbor) the US military would take the opening rounds of any US-China conventional war, but the supply of equipment possessed by the US Navy and US Air Force is relatively small, will attrit fairly quickly, and the relative industrial capacity and resource availability of the US and China today is very much in China's favor. It's doubtful that the US could execute a building program like it did from 1940-1945 (and especially 1942-1944

          • Do you seriously think we're not balls-deep into their infrastructure too?

            • by HBI ( 10338492 )

              That's not the point. The point of all this cyberwarfare shit is to dump a bunch of zero days out at the beginning of hostilities and cripple national infrastructure to hinder preparation in the early stages of war. The presumption, unless our task was to attack China first, is that they're already ready for the fight while we are unprepared, as is likely in any event. After the war is on a few weeks, the cyberwarfare stuff is much less relevant.

          • by HBI ( 10338492 )

            Hypersonic missiles that we have no effective counter for.

            Yeah, that's the big issue now. Who needs regiments of Backfires to wipe out carrier groups when you could literally do it from land now.

            Our ability to project power is minimal now and it shows in our unwillingness to risk those gold plated targets against any kind of hostile actor that would have a chance of taking them out. Why do you think those carriers are nowhere near Iran, Taiwan or Kola? It was actually very risky to expose those carriers

            • by Zak3056 ( 69287 )

              Hypersonic missiles that we have no effective counter for.

              [citation needed]

              Aegis equipped ships have successfully hit ballistic missiles and satellites in testing (and probably under operational conditions as of last weekend), and both of those are, by definition, hypersonic targets. While the US Navy doesn't comment on what weapons a ship might be carrying, it's almost a certainty that all of them have some SM-3s in the magazines at this point.

              Our ability to project power is minimal now and it shows in our unwillingness to risk those gold plated targets against any kind of hostile actor that would have a chance of taking them out.

              The biggest current problem with the carrier groups projecting power is that their air wings have less combat power than

            • Hypersonic missiles that we have no effective counter for.

              False. [ainonline.com]

    • Not everyone is a cybersecurity expert.

      Not all internet-based threats are known.
      When known, the full scope of threats may not be realized.
      When the full scope is known, the budget may not exist to mitigate the threats, particularly in government.
      When the full threat is known, and the budget exists, the mitigation available may effectively eliminate the service under threat.

      Greed is an excuse that is easy, obvious, and - often, but not always - wrong.

      • by gweihir ( 88907 )

        You are just trying to apologize for things that cannot be apologized for. A brief look at where attackers got in for the last few years nicely shows how utterly bogus your "argument" (which is basically just FUD) is.

        So, let's see:

        Not everyone is a cybersecurity expert.

        Sure. That is why you _hire_ them. Not everybody is a fire-safety expert either, but do you see buildings burning down left and right?

        When known, the full scope of threats may not be realized.

        So doing nothing is the way to go? Once you actually have hired those experts, that stops. You know, because actual experts keep up with the threat landsc

        • You are just trying to apologize for things that cannot be apologized for. A brief look at where attackers got in for the last few years nicely shows how utterly bogus your "argument" (which is basically just FUD) is.

          So, let's see:

          Not everyone is a cybersecurity expert.

          Sure. That is why you _hire_ them. Not everybody is a fire-safety expert either, but do you see buildings burning down left and right?

          Boom! It's too bad there is no Level 10 insightful, because this is right there. Mod this guy up, people!

        • You missed a step. It's kinda important to your argument.

          Not everyone is a cybersecurity expert.

          Sure. That is why you _hire_ them.

          You missed:

          Not all internet-based threats are known.

          When do you hire security experts?
          1) when you create a system.
          2) when you discover you have a problem.

          ... the mitigation available may effectively eliminate the service under threat.

          That is just nonsense. If the service is under threat you either fix it or you stop running it.

          ... exactly what I just said. "Fixing" takes time and money, either of which may be missing, either "until the next budget cycle", or "indefinitely". And with software? It doesn't stay fixed. Never.

          Incidentally, almost everything can be secured. It just costs money and time and may be inconvenient.

          This is perhaps your greatest failing. (And hey, you forgot a bit in there.) You assume that you can secure something, implying that it w

          • When do you create a system? When you start a business. When do you start a business? When you set up a Lemonade stand. Lemonade stands do not generally receive enough income to afford cybersecurity specialists. Generally, the recommendation seems to be to hire one non-security expert per 50 individuals employed. Before 25 employees, a business might not even consult a security expert, and merely rely entirely on Microsoft, their local ISP, and a cheap software vendor which provides a core service.
    • Re:Duh (Score:4, Insightful)

      by Ol Olsoc ( 1175323 ) on Friday April 19, 2024 @09:31AM (#64407414)

      The only reason China has not brought the US economy to a standstill is because so far they did not want to.

      And they don't want to because it would be tantamount to economic suicide.

      • by gweihir ( 88907 )

        Probably. But do they know that? And the more sanctions the US imposes, the less damaging this will be to them.

        • Probably. But do they know that?

          China has for a while, attempted to connect communism to capitalism. So I guess it is what 'ism wins out. If communism, then they've had a case history of shooting themselves in the foot. What is it with communist countries starving their own citizens to death?

      • Good luck having Russia and India as trading partners, without the US!
    • by sinij ( 911942 )

      This is because US infrastructure, industrial and government IT Security is so bad. Not that the rest of the world is much better.

      I hope we won't find out what all out cyber war would look like, because a lot of everything everywhere will stop working. This is likely why governments, including US, implemented emergency country-wide internet disconnects.

      • by gweihir ( 88907 )

        Agreed. But I think those "kill-switches" will be too slow. They are more there to give the politicos an illusion of control.

  • Why are they informing the public and not doing anything about it? I mean they are not supposed to be journalists, just reporting stuff, right?
    • Well maybe this is what they are doing, it's just that they are doing it about something other than the purported hacker problem.

      The word you are looking for is psyop.

      • by gtall ( 79522 )

        "The word you are looking for is psyop" Stop watching TV...bad for you, make you believe stupid things are happening and if you only could get the memo, you could point to them.

    • Why are they informing the public and not doing anything about it? I mean they are not supposed to be journalists, just reporting stuff, right?

      It's letting your enemy know you know what they're up to. It makes them wonder where the leak is in their organization.

      Though, in the case of China, they've routinely told everyone their goal is to become number one in the world and will do whatever it takes to get there, so this isn't really newsworthy since everyone knows about it.

    • by gtall ( 79522 ) on Friday April 19, 2024 @07:41AM (#64407164)

      What is it that you want them to do? Barge into company offices and demand they "fix" their infrastructure? Bring court cases against companies under what law precisely?

      Any "fix", seeing as companies and industries won't do it themselves, requires Congress acting. With this lot in Congress, there's no chance of that happening and even if they did, it would necessarily be high level. Even if they outlawed naughty company behavior of not securing their infrastructure, we do not have CyberCorps, able to ferret out company infrastructure naughtiness. We would have to wait until a company got nailed first before bringing them to court, and then spend the next 5 years litigating if it was a large company.

      • by DarkOx ( 621550 )

        No they should send a nice little note over to the State Department detailing their evidence and what laws the threat actors have already broken. The state department should then recommend the FBI prosecute these individuals and assist them by arranging for extradition if that diplomatically makes sense. In other cases the State Department should hand the information off to the CIA or DoD for them to take some offensive steps toward threat reduction.

        Nobody should have any problems with the DoD or NSA burn

        • No they should send a nice little note over to the State Department detailing their evidence and what laws the threat actors have already broken. The state department should then recommend the FBI prosecute these individuals and assist them by arranging for extradition if that diplomatically makes sense. In other cases the State Department should hand the information off to the CIA or DoD for them to take some offensive steps toward threat reduction.

          Nobody should have any problems with the DoD or NSA burning down the IT infrastructure of some criminal actor in a hostile jurisdiction. Any more than we have no problem with the Navy routing some pirates.

          That is what a government that was actually trying to do its job for the American people would do.

          The USA and China situation is complicated. The US Supports their economy. China is the number 3 trading partner (after Canada and Mexico) but in matters of imports into the US, they are number 1 by a long shot. China holds about 1 trillion in US debt as well.

          So they squabble like an old married couple that annoy each other. But they know what would happen if they really broke it off. So we have these shots across the bow every so often.

          • by DarkOx ( 621550 )

            Right and as Citizens we should demand this little detente be dissolved or blown up; however painful that might be in the short term because it means total destruction or at least a lot more pain in the long term.

            This entire let's couple our economies so we don't go to war with each other theory is working well. Except that it is working so much better for China. Either we break the co-dependence or this ends with America being culturally consumed by China.

            The current ruling uni-party is a party of nihilis

            • by sjames ( 1099 )

              The next issue is on the American corporate side. More and more people are noticing the ludicrously low prices of things if they buy direct from china and wondering why the same thing made in the same place by the same people costs so much more when bought from a U.S. company.

        • No they should send a nice little note over to the State Department detailing their evidence and what laws the threat actors have already broken.

          How do you know that this hasn't been done?

          In general, however, anti-espionage agencies don't like to "detail their evidence" in public because this will, of course, reveal how they have gathered their evidence, leading the black hats to stop doing those things and hide the leaks showing what they did and who they are.

          The state department should then recommend the FBI prosecute these individuals and assist them by arranging for extradition

          Are you really so brain-dead that you believe that the FBI has the power to extradite foreign citizens working in a foreign country for a foreign government, for a US crime that probably isn't ag

          • by DarkOx ( 621550 )

            if that diplomatically makes sense.

            Except all the times when it does because it turns out the ransomware author was in the UK, etc.

            I did not suggest they detail their evidence in public, I said they should detail it to the State Department. Who may in turn provide it to a cooperative jurisdiction, in other words our allies, who we generally do share intel of that type with.

            In the other case, you hack them back, worry about where they physically are later, if at all. Also you destroy the value of their operation even if it's harmful short term; because it prevents them from funding the next operation. Database of credit card numbers? PII for millions of healthcare subscribers, whatever; intel should anonymously dump it on 4chan and the like, so that it can't be sold, because everyone already has it.

      • by sjames ( 1099 )

        Not barge in, tell the company to fix it or they put out a press release denouncing the company and its executives by name as a threat to national security.

    • because the NSA, et al. has no power to tell private industry what to do and then make them do it. So, with reports like this they are warning private industry to step up their game, which they will not do until something bad actually happens to them. At that time, the (then) CEOs will be fired and fall upon their fat golden parachutes, all the while claiming that they did everything possible, but had no credible threats...
  • Fill'em up proper now, ya here?

  • by FudRucker ( 866063 ) on Friday April 19, 2024 @06:32AM (#64407078)
    Instead of investing in the upkeep in the infrastructure to keep it all in good condition they pocket the profits, Andrew Jackson knew it back in his day too
    Gentlemen, I have had men watching you for a long time, and I am convinced that you have used the funds of the bank to speculate in the bread-stuffs of the country. When you won, you divided the profits amongst you, and when you lost, you charged it to the bank. You tell me that if I take the deposits from the bank and annul its charter, I shall ruin ten thousand families. That may be true, gentlemen, but that is your sin! Should I let you go on, you will ruin fifty thousand, and that would be my sin! You are a den of vipers and thieves. I intend to rout you out
    • How do you explain the Chinese hack of OPM? Greedy government?

      https://en.wikipedia.org/wiki/... [wikipedia.org]

      • They neglected the security of their computer systems?, instead of keeping it offline and a manager on-site to handle it, instead they go the cheap and convenient way and put it online for remote admins, also any competent hacker can get in and fuck it all up, or is that faked for an excuse to blame it all on instead of their greed & neglect of the system.
        • So corporations are guilty of greed, and the government is guilty of neglect. What a nice, one-dimensional world you live in.
  • This smells like bullshit: the hackers have burrowed (past tense) and are waiting (present). FBI knows and they are doing nothing? What are they waiting for? As soon as the hackers were discovered, their links should have been closed, the vulnerabilities fixed, bot networks disabled.

    • It does sound like BS, until you read the fine print. The hackers have burrowed (past tense) and are waiting (present). However, the hackers are not necessarily waiting for anything that was buried.

      The hackers have burrowed to gain intel. To study our weakness and formulate an effective strategy against us.

      The hackers are waiting, for the right time to strike, using the skills they have developed in the past attempts.

      Modern cyber security isn't always as simple as just closing links and disabling bot
    • Hmmm.. I'd have a hard time dismissing this.

      Anyone who has been running a network over the last 25 or 30 years has seen ongoing probes from (largely) Asia, Russia, and South America. Add in attempts from known proxies, unknown proxies, and r00ted network equipment/servers and you can comfortably make that claim.

      The question of the success of such a nation-destabilizing attack is another thing which hinges on whether they do indeed have control over enough network infrastructure to cause a serious disruption.

    • ...the fbi, by and large, can't tell the owners of said critical infrastructure, to do anything...at least in this country...
  • I find it rather hard to understand why critical infrastructure is not on private networks and totally inaccessible from the internet.
    I can't imagine a single reason why having them on the internet at all should be the norm.

    Take the infrastructures off the publicly accessible networks, it's the right response.

    • I can't imagine a single reason why having them on the internet at all should be the norm.

      It's cheaper, of course. There's no other reason.

      • Agreed. Another issue is staffing in things like public water systems - the guy who runs my town's does his best but it's only a part time job for him and he's got 2 other part time jobs.
    • because the puc's won't let them spend...
    • by kackle ( 910159 )
      I used to teach a state-certified class about telemetry/SCADA communication in the water industry. Leased phone lines from the local ("local", as in, "much less hackable") phone company got to be very expensive decades ago. I assume it had something to do with people moving to cellular phones instead. Worse, having less knowledgeable technicians over time meant our customers would wait days for a field repair.

      Local spread spectrum radio use in the ISM band (think "Wi-Fi") is "free" to all, but that mi
  • running down\allowing the infrastructure to decline decay to increase the quarterly bottom line is the ceo's job.
  • If The FBI has such specific information ("23 pipeline operators"), then it should be easy to inform the companies and support them in fixing the problem.

    Honestly, knowing the FBI, this is more likely about justifying their own existence. Ask them to show the evidence, and have a third-party check it out. Won't happen, of course...

    • If The FBI has such specific information ("23 pipeline operators"), then it should be easy to inform the companies and support them in fixing the problem.

      It is not the holes that have already been identified that are the problem. It is the fact that the existence of some holes that have been found implies that other attack vectors exist that have not been found. The best personnel to find these holes are the cybersecurity teams in charge of the systems being attacked, not the FBI.

      Honestly, knowing the FBI, this is more likely about justifying their own existence. Ask them to show the evidence, and have a third-party check it out.

      You're suggesting that the FBI tell the bad guys how they found what they do, and how they identified the attackers?

      Good idea. Let the bad guys know what the bad guys need to do t

  • There are those who strongly believe that the destruction of the Key bridge in Baltimore was related to some form of Chinese hacking. I can see those people pointing to this article as further proof of their arguments, regardless of direct evidence surfacing or not.
  • But I guess government full well knows this.
  • It's just a token trophy, rather small real-estate-wise to start WW3 over.

    • And it has never been part of the political union known as "The People's Republic of China." If anything, mainland PRC is the 'renegade province' but it's not my fight and it's for the Chinese to settle.
    • They want the photolitho machines. The location is also strategic.

  • Divide your enemy.
    The Rooskies are on the same page.
    Very effective, hard to prove... aaaaand seems to be working.
    Turn up the volume.
  • Maybe it wasn't such a great idea to literally connect every fucking thing to the internet with tissue paper systems that were known to be blatantly insecure?

    No, no, you just go ahead and connect your refrigerator, toaster, coffee machine, and front door lock to the internet for "convenience", safe in the assumption that your government is doing exactly the same thing for critical infrastructure for "reasons" that have more to do with not losing allocated budgets than any actual value.

    • Tech Bros are used to operating in an environment where they can afford to assign security to competent and trained individuals who decrypt communications for intelligence agencies as a hobby (in lieu of solving a "Rubik's cube").

      Meanwhile, you've got Joe Consumer who configured his firewall to secure on IPv4, and hasn't figured out IPv6 yet. That is the guy who is going to be providing I.T. for Mr. Jones when he hooks up his Refrigerator, toaster, coffee machine, and front door lock, to the internet for
  • by davidwr ( 791652 ) on Friday April 19, 2024 @10:33AM (#64407600) Homepage Journal

    If you are a nation-state, it's prudent to assume any unfriendly nation-state is doing whatever it can to prepare for conflict, including laying the groundwork for a future attack that may or may not ever happen.

  • by 0xG ( 712423 ) on Friday April 19, 2024 @11:04AM (#64407674)

    doing the same thing to them. This is obviously war.
    But we're not hearing about it...

    • But we're not hearing about it...

      That would be unreasonable to expect. If you brag about it, the adversary will harden their network, making your life more difficult. The Chinese don't brag about their hacking, too.

  • ...they've been in there for literally years, maybe decades...
  • That's their job, right? They are warning everyone so that we'll know it's them when they unleash their counterattacks and super secret defenses since they know we can't protect ourselves.
  • ... blows against civilian infrastructure to try to induce panic.

    Then what? This is more of "We're under attack", "We must not allow a bomber/missile gap", "We're the 'good' guys" political/military self-importance.

    In reality, an enemy gets to do this once only, so it's useful as a step in a co-ordinated strategy, nowhere else.

    US culture contains plenty of dishonesty (socialism is evil, capitalism will provide, giving money to rich people helps everybody, State's rights, fight for your country) used to excuse class warfare. Enemy psy-ops can access existing elitism
