LAS VEGAS — China’s hackers have been positioning themselves to conduct destructive cyberattacks on U.S. critical infrastructure, a top U.S. cyber official warned Saturday.
Speaking at a panel at the Def Con hacker conference in Las Vegas, Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Agency, said, “I hope that people are taking seriously a pretty stark warning about the potential for China to use their very formidable capabilities in the event of a conflict in the Taiwan straits to go after our critical infrastructure.”
Such attacks would reflect a significant pivot from the type of cyber activity historically attributed to China, which for years has largely consisted of a barrage of espionage and theft of data but not destructive attacks designed to harm systems.
Easterly’s comments mirrored several other alarms raised this year regarding China’s potential to conduct destructive cyberattacks. In May, Microsoft warned that hackers affiliated with the Chinese government were targeting critical U.S. infrastructure.
In its most recent Annual Threat Assessment, published in February, the office of the Director of National Intelligence said that “China almost certainly is capable of launching cyber attacks that could disrupt critical infrastructure services within the United States, including against oil and gas pipelines, and rail systems.”
Last month, the New York Times reported that the U.S. was more actively hunting for Chinese hackers in critical infrastructure than previously known.
China “almost certainly would consider undertaking aggressive cyber operations against U.S. homeland critical infrastructure and military assets worldwide” if it believed conflict with the U.S. was imminent, the report said.
The hackers affiliated with campaigns targeting U.S. infrastructure are particularly adept at “living off the land,” where they use victims’ existing computer processes rather than introducing new malicious software, a practice that makes them harder to detect, Easterly said.
David Pekoske, the director of the Transportation Security Administration, which oversees the security of U.S. pipelines, ports, railways, and aviation, said at the same panel that critical infrastructure operators needed to prepare for such cyberattacks immediately in order to not be caught off guard in the future.
“Time is not our friend in this quest. We need to move very, very quickly. That’s why we’ve moved so quickly and so have our industry partners,” Pekoske said. “We need to be ready now.”