The Biden administration is hunting for malware believed to originate from Chinese attackers in critical infrastructure systems that support U.S. military bases worldwide, The New York Times reported Saturday, citing unspecified military, intelligence and national security officials.
U.S. officials and industry experts believe the malware discovered by Microsoft in U.S. networks affecting Guam and other strategic sites may be just one example in a larger Chinese operation to plant malicious code dating back at least a year, the NYT reported. One congressional official described the malware as a “ticking time bomb” Beijing could activate in the event of a conflict with the U.S. or an invasion of Taiwan, which could disrupt U.S. military operations and cripple its response.
China’s efforts to infect important networks are far more extensive than the experts realized at first, the NYT reported. Most experts spoke on condition of anonymity to discuss sensitive matters, some of which are classified.
The affected networks control power grids, water supply and communications systems that support U.S. military operations but are connected to civilian systems, according to the NYT.
Microsoft attributed the attack in Guam to a Chinese state-backed hacking group dubbed Volt Typhoon, which deploys a strain of malware that can remain hidden within systems for years.
Within the administration, officials are trying to discern whether China’s goal is to target U.S. military operations during a contingency or disrupt civilian life more broadly, but the data so far shows more compromised networks in areas with higher concentrations of military outposts, according to the NYT.
Cyber Attacks and Typhoon Mawar prompt Guam Cyber Conference | The attacks were attributed to Volt Typhoon, a state-sponsored hacking group that carries out espionage and information gathering for the Chinese government. https://t.co/XZ7F4o4M38
— 780th Military Intelligence Brigade (Cyber) (@780thC) July 24, 2023
The White House has convened military, intelligence and homeland security officials in Situation Room meetings to hash out the problem and devise a plan of action, according to the NYT. Administration officials have also begun briefing members of Congress and industry leaders on the issue.
The hunt for the malicious code has been going on for at least a year, the experts told the NYT.
The DOD referred the Daily Caller News Foundation to the National Security Council.
“The Biden administration is working relentlessly to defend the United States from any disruptions to our critical infrastructure, including by coordinating interagency efforts to protect water systems, pipelines, rail and aviation systems, among others,” said Adam R. Hodge, the acting spokesman for the National Security Council, told the NYT. He did not directly mention China.
The campaign has puzzled the administration because it does not fit into the mold of familiar espionage-related hacking operations the U.S. and China have conducted against one another, according to the NYT. It “raises the question of what, exactly, they are preparing for,” a senior Biden adviser said.
Disruptions to water, power and other critical resources could slow a military response to a crisis in the Pacific by hours or days, affording China a massive window in which to pursue military aims.
China disputed the account.
“We have always firmly opposed and cracked down on all forms of cyberattacking in accordance with the law,” Haoming Ouyang, a spokesperson for the Chinese embassy in Washington told the NYT.
* Article From: The Daily Caller