Posted on 04/18/2024 8:17:21 PM PDT by SeekAndFind
Last May I wrote about a group of Chinese hackers who'd been identified by Microsoft after malware was discovered in telecom systems on the island of Guam. Microsoft named the hacking group "Volt Typhoon."
Microsoft called the hacking group “Volt Typhoon” and said that it was part of a state-sponsored Chinese effort aimed at not only critical infrastructure such as communications, electric and gas utilities, but also maritime operations and transportation. The intrusions appeared, for now, to be an espionage campaign. But the Chinese could use the code, which is designed to pierce firewalls, to enable destructive attacks, if they choose.
Today, FBI Director Christopher Wray spoke at a summit on emerging threats in Nashville and talked about Volt Typhoon and the threat presented by Chinese hackers.
“The PRC [People’s Republic of China] has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist,” he said in remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats in Nashville...
“The fact is, the PRC’s targeting of our critical infrastructure is both broad and unrelenting,” he said. And, he added, the immense size—and expanding nature—of the CCP’s hacking program isn’t just aimed at stealing American intellectual property. “It’s using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” he said.
Wray gave this example of a trap set up for the hackers which suggested they were interested in more than profit.
“When one victim company set up a honeypot—essentially, a trap designed to look like a legitimate part of a computer network with decoy documents—it took the hackers all of 15 minutes to steal data related to the control and monitoring systems, while ignoring financial and business-related information, which suggests their goals were even more sinister than stealing a leg up economically,” he said.
For its part, China has released a report claiming that Microsoft's investigation (the one that named Volt Typhoon last year) was mistaken. The hackers aren't backed by the state, China claims, but simply criminals looking for ransomware opportunities. Here's what state media had to say just a few days ago.
Multiple cybersecurity authorities in the US have been pushing "China-sponsored" Volt Typhoon false narrative just for seeking more budgets from the US Congress. Meanwhile, Microsoft and other US cybersecurity companies also want more big contracts from US cybersecurity authorities, according to a report about the investigation...
Volt Typhoon hacker group is a ransomware cybercriminal organization without state or regional support background, Chinese Foreign Ministry spokesperson Lin Jian said at a regular press conference on Monday commenting on the investigation report, saying that various signs indicate that US intelligence community and cybersecurity companies are colluding to fabricate so-called evidence and spread false information that the Chinese government supports cyberattacks against the US, in order to seek congressional budget appropriations and government contracts.
No doubt this is the sort of plausible deniability China planned on if its hackers were caught. But US allies seem convinced that Volt Typhoon is a very large Chinese operation.
Daniel Cuthbert, who sat on the UK Government Cyber Security Advisory Board, said the Volt Typhoon hacking system is bigger than anything China has unleashed before...
"In essence, Volt Typhoon is a campaign, albeit a very large one, by Chinese state agents actively gaining access to industrial control systems and other critical national infrastructure," Cuthbert told Newsweek.
"Similar campaigns have been happening for a very long time, but I think what has surprised many, including myself, was the sheer scale of the campaign."
China can continue to deny it is involved but clearly our intel agencies are onto what they have been doing and have been removing the malware from compromised computers. Whatever China was planning to do with this capability, it probably won't be able to now.
The FBI is wasting time on threats that are not coming from White conservative (and Catholic) males. As the FBI has maintained, all the world’s evil only comes from such persons.
So there can never be a threat from China, or elsewhere, that could ever warrant attention.
All entities in China are either wholly owned, or majority owned, by the CCCP.
China’s government thusly owns all blame.
I wonder if the Multi-state 911 shutdown the other day was the chicoms playing with it?
One must have to keep that option in mind...
Am I wrong then, in my perception that nothing is being done about it to stop Chinese advancement and abuse on our soil?
We hear that tens of thousands of them are coming across our southern border.
I hear of no arrests, no charges, no deportations.
On this matter, I do, because it is what we had been seeing for ourselves.
Quite wrong.
Security of infrastructure systems IT has been constantly upgraded for over 20 years. It’s been a high priority, sometimes the highest budget item for IT upgrades. I’ve been there firsthand.
I have never been party to information on “human” issues, just systems (SCADA is the term in our world) and its associated security problems.
On the side I have been party to info about physical security where it crossed over into system security, and there has been considerable work there too, but threat analysis on that front wasn’t in our wheelhouse.
I can tell you firsthand that the FBI has been active in this cyber-threat space for decades.
They aren’t connected to the internet, or they aren’t supposed to be, I can’t answer for everything and everyone in the US.
Systems running critical infrastructure are air-gapped. And protected beyond this, which I can’t go into details about. But this is old news.
There are ways around this, look up Stuxnet (really, do look it up, it’s a fascinating story). This is a game that’s been going on in re air-gapped systems for a long time.
One of the reasons is that during the COVID affair, everyone wanted to (or was told to) stay home and use the internet to communicate and access computer systems at work.
Well, that’s sort of encouraging, I suppose. Not familiar with the intricacies of Stuxnet. Might have to look into that.
Both Russia and China have Hacker Farms. People are given living quarters and an office cubicle with a computer and internet access. Their ‘job’ is to hack whatever they can in Western Nations.
The Russian and Chinese Govt’s have nothing to do with these ‘farms’ except for hiring the hackers, providing room and board, internet access, some amenities, and dispersing funds to successful hackers by a government paymaster.
Preparing? They already have.
If we’re just now being warned that they’re *preparing* .... you’re exactly right ... this means that they already have. 😉
Our hackers have to live in Mom’s basement.
I have no reason to doubt you for this and your follow-on comments on this thread.
Having seen a lot of warnings about things that could take place, it really didn’t look like they were doing much or very confident about what they have done.
Let me couple this with investigations the FBI has been involved in over the last few decades. Some of them were beyond the pale misleading, and too many people were aware of it. It defied logic some of the conclusions they came up with.
The most recent is the 01/06 fiasco, with people being locked up in solitary confinement for long periods of time, and talk of insurrection although no one was packing heat, and many of those people were let in the front door by staff.
There has been absolutely no mention of ANTIFA who stated they would be there, and they were recognizable for having been there with their customary backpacks they wear at each of their events.
The questions are, why the full court press on this as if it was an attempt to topple the U. S. government, which absolutely no one believes?
Why wasn’t the guy recruiting to get folks to enter the Capitol, “Brian Epps?”, prosecuted? The guy was gathering folks to do what the federal agencies were and still are calling insurrection?
It’s clear, and has been confirmed by the FBI themselves at various times, they had insiders in the crowds, which begs a further question, they were inside these groups, and they are still pushing the insurrection theory, when they know that to be patently false. Why?
These people have been treated like enemies of the state, and in the traditional sense, they simply aren’t. They have a legitimate beef regarding the 2020 election, and they simply wanted more of an investigation into what took place.
They took four years to investigate Trump and are now throwing everything in the book at him, but the sanctity of our elections didn’t reach the level of import to check into it. No one is particularly certain the 2020 election was on the up and up.
I’ve seen interviews of family members of the family of people in nursing homes who couldn’t even recognize their own children, and yet they were revealed to have been canvassed and voted.
White Christians are under the gun as potential terrorists according to government agencies. Meanwhile foreign nationals of a military age are swarming in, some from enemy nations against us. They are given a pass.
So I think it’s safe to say at least from my vantage point, that I am very concerned about what has taken place with the FBI.
I grew up with tremendous respect for law enforcement and the FBI. Today, the FBI appears more to be a rogue agency than a sound organization.
FISA warrants, wire tapping, raids on Trump and a lot of other Conservative people, and zero interest in taking Biden or his people on.
I believe these are all legitimate issues.
I don’t like having to question the soundness of federal agencies.
The FBI, like most bureaucracies, is compartmentalized. Most of it does the daily wash that has little or no political relevance. One of these is cybersecurity, or it has at least part of an oversight role there.
Some of it is thoroughly corrupt and politicized, as you say. I agree with you completely on that.
I can only report on what I know, and I have been briefed several times by the FBI and other agencies, and I know what was happening in our business and what our own IT security people have been doing.
The frontline here btw is not the FBI, but private-company IT departments. Our guys (my guys, pre retirement) are the infantry in this fight.
Change every reference of PRC to FBI in this story and THEN I’ll believe it.
I do.
I (ran the projects) put in our remote access systems AND the air-gapped facilities, beginning over 20 years ago. Every large infrastructure outfit I know of did the same long before 2020.
And a great deal else which should not be discussed.
This has been a very active area of IT system investment for decades, almost all of it in the private sector.