Evan Lambert and Joe Khalil
3 days ago
“China’s multi-pronged assault on national and economic security make it the defining threat of our generation,” Wray said in front of the House Select Committee on the Chinese Communist Party.
Wray emphasized that his comments at the hearing are not about the Chinese people themselves, or Chinese-Americans, who “contribute much to our country” and are often “victims” of the CCP as well.
But when it comes to China’s government, Wray said, there has been “far too little” focus on the fact that hackers are targeting critical infrastructure in the U.S., including water treatment plants; the electrical grid; oil and natural gas pipelines as well as transportation systems.
The way China’s government has positioned itself across civilian infrastructure shows that “low blows” aren’t just a possibility in the event of a conflict, Wray said — but are part of the plan.
“The PRC’s cyber onslaught goes way beyond prepositioning for future conflict,” Wray said. “Today, and literally every day, they’re actively attacking our economic security, engaging in wholesale theft of our innovation and our personal and corporate data.”
“Responsible cyber actors” don’t target civilian infrastructure, Gen. Paul Nakasone, outgoing commander of United States Cyber Command, said in his testimony.
“There’s no reason for them to be in our water,” Nakasone said. “There’s no reason for them to be in our power.”
China has in the past called the U.S. government’s allegations baseless. Wang Wenbin, a spokesman for the Chinese foreign ministry, even claimed last year that “China is the biggest victim of cyber attacks.”
However, Microsoft last year echoed the statements of those who testified Wednesday, saying that state-backed Chinese hackers called Volt Typhoon targeted critical infrastructure in the U.S. and Guam.
“Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible,” Microsoft wrote in a blog post.
Several lawmakers asked about Volt Typhoon at the hearing. Reuters reported Monday that the Department of Justice and FBI received legal authorization to remotely disable aspects of the hacking campaign.
“The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation and water sectors,” Wray said Wednesday. These were all steps China took try and destroy or degrade “critical infrastructure that keeps us safe and prosperous,” Wray said.
Working with their partners, Wray said, the FBI ran an operation to shut down Volt Typhoon.
While the operation was an important step, Wray said there’s a whole lot more work to do.
“We need your help to do it,” he said. “To quantify what we’re up against, the (People’s Republic of China) has a bigger hacking program than that of every major nation combined.”
As budget discussions are underway, this is a time to be keeping ahead of the threat by investing in the United States’ capabilities instead of cutting them, Wray said.
“We need to ensure that we sustain and build on the gains that we’ve made that have enabled us to take actions like the Volt Typhoon operation,” Wray added.
This story is developing. Refresh for updates.
The Associated Press contributed to this report.