Hackers linked to China have targeted important infrastructural assets in the United States, including power and water utilities. According to a report in The Washington Post, these hackers are believed to be affiliated with China’s People’s Liberation Army (PLA) and have penetrated the computer systems of at least two dozen critical entities in the past year. These include a water utility in Hawaii, a West Coast port and pipeline, and the Texas power grid. The US government first discovered these intrusions in December. The latest information gives a more complete picture of a cyber campaign dubbed “Volt Typhoon” and the threat it poses.
The new report suggests the Chinese government has ambitions beyond merely conducting economic espionage or engaging in cyber-enabled theft. Instead, it appears that the country’s military is trying to pre-position itself to take advantage of America’s vulnerable infrastructure should a conflict break out with the US. This includes attempting to disrupt communication networks should a clash over Taiwan or other regional issues escalate.
According to the Post’s sources, these latest attacks are part of an ongoing campaign that started seven to 10 years ago. These efforts mark a drastic change from the nation’s previous hacking activities, which focused on political and economic espionage in the United States.
The Washington Post also cited a report from cybersecurity firm Recorded Future, which said that the Chinese hackers involved in Volt Typhoon use standard devices such as internet routers to access targeted systems. By establishing covert proxy networks, the cyber-soldiers can remain undetected after gaining access to victim machines. The attackers also use low-bandwidth techniques to reduce operational costs by avoiding expensive data transfers.
Mandiant, a company that tracks cyberattacks, also observed this trend. The firm’s chief analyst, John Hultquist, said that the attackers prioritize stealth by limiting their time on each machine. This allows them to stay undetected while collecting data or stealing employee credentials. The attacks also target high-bandwidth equipment like internet routers, allowing attackers to access systems remotely via management interfaces on those devices.
A water utility in Hawaii was among the services targeted by the Chinese hackers. This is significant because Hawaii is the home base of the Pacific Fleet, a vital component of America’s ability to operate in Asia if needed. Officials quoted by the Post say the attack is meant to make it difficult for the US to send troops and supplies to the island in the event of a potential clash with China.
The Post’s report indicates that many attacked sites are controlled by private companies, making it harder to track the hackers’ movements. The attacks are reportedly being carried out by groups that may be affiliated with the Ministry of Public Security and other covert agencies.