Cyber attacks against key US infrastructure continue, but this time its China
Following a suspected recent Iranian cyberattack on a U.S. water treatment plant, government officials now claim that the Chinese military has targeted a number of water and power facilities across the country.
Transportation systems are among the obvious targets, with the attacks ostensibly being carried out to develop a broader attack playbook that could be deployed if war were to break out between the US and China.
Crippling key infrastructure after an outbreak of hostilities would slow logistics, create potential hysteria within population centers and ultimately destabilize the nation.
Five eyes on China
The attacks are being carried out by groups affiliated with the People's Liberation Army, and the groups have infiltrated 20 to 30 locations across the country. This is according to unnamed officials who have spoken to the government Washingtonpost.
The targets included water infrastructure in Hawaii, the power grid operator in Texas, a port on the West Coast and at least one oil and gas pipeline. While the attacks on these sites are serious, no critical control systems appear to have been breached.
The group behind many of the attacks, Volt Typhoon, has ties to China's People's Liberation Army and uses a wide range of advanced tactics, such as 'living off the land', which uses built-in network management tools to carry out attacks.
The group has been referenced in a number of attacks reports released by the Cybersecurity & Infrastructure Security Agency (CISA), but also mentioned in warnings released by Microsoft researchers and the Five Eyes intelligence alliance.
Brandon Wales, executive director of CISA, told the Washington Post: “It is very clear that Chinese efforts to compromise critical infrastructure are partly to prepare themselves to be able to disrupt or destroy that critical infrastructure in the event that of a conflict, to prevent the United States from projecting power into Asia or from causing social chaos within the United States – to influence our decision-making around a crisis.
“That is a significant change from Chinese cyber activity from seven to ten years ago, which was mainly focused on political and economic espionage.”