The U.S. government has thwarted a sophisticated Chinese hacking campaign that posed a serious threat to American and allied critical infrastructure networks, according to the Wall Street Journal. This action, announced on Wednesday, reflects the Biden administration’s heightened vigilance against China’s increasingly advanced hacking capabilities.
Attorney General Merrick Garland emphasized the U.S. commitment to dismantling foreign-sponsored cyber operations that jeopardize American security. This latest effort involved the Justice Department and the FBI taking decisive steps in December to dismantle a botnet—a network of hacked devices—comprising primarily small office and home office (SOHO) routers.
The routers, predominantly Cisco and Netgear products, were vulnerable due to their end-of-life status, meaning they no longer received regular security updates. These routers served as nodes for the hackers, allowing them to conduct their operations covertly. The U.S. officials successfully removed the botnet from these routers and cut off the hackers’ access.
FBI Director Chris Wray issued a stark warning about the Chinese hacking threat, particularly their focus on infiltrating U.S. critical infrastructure networks. In his testimony before the House China committee, Wray highlighted the potential for real-world harm and disruption, noting that Chinese hackers have targeted essential sectors such as water treatment, energy, transportation, and communication systems.
The disrupted hacking campaign, known as Volt Typhoon, has been a concern for the U.S. and its allies for nearly a year. Microsoft and other private-sector entities have reported on this campaign’s attempts to access sensitive networks in various critical sectors. The campaign’s objectives appear to include disrupting communication infrastructure between the U.S. and Asia, potentially impacting American support for Taiwan in the event of a crisis.
China has consistently denied involvement in cyberattacks against the U.S. and other nations. The Chinese Embassy in Washington has not responded to requests for comment on this latest development. This operation by the U.S. government underscores the ongoing cyber warfare landscape and the need for robust cybersecurity measures to protect national infrastructure and interests.