FBI Director Christopher Wray minced no words in calling out the Chinese government as a “broad and unrelenting” threat to US infrastructure.
China is one of the biggest state sponsors of hacking groups, using them to target and undermine rivals. According to Wray, nothing is off limits for Beijing.
“The PRC [People’s Republic of China] has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist,” he said in remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats in Nashville.
Wray says China represents a three-prong danger: crime, counterintelligence, and cybersecurity, “driven by the CCP’s aspirations to wealth and power,” Wray said, adding that China wants to “seize economic development in the areas most critical to tomorrow’s economy,” even if it means stealing it. The Chinese government has tried to pilfer “intellectual property, technology, and research” from nearly every industry in the U.S. economy, he noted.
Wray went on to say that China is actively targeting US infrastructure, including energy grids, transportation, water treatment facilities, and IT systems.
“The fact is, the PRC’s targeting of our critical infrastructure is both broad and unrelenting,” he said. Wray also said China’s hacking program was expanding, with a goal of not just stealing data but also causing disruptions.
“It’s using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” he added.
Wray said the FBI is fighting back, partnering with a combination of government and private sector entities.
“As part of those operations, we’re often sharing targeting and other information with partners like U.S. Cyber Command, foreign law enforcement agencies, the CIA, and others, and then acting as one,” he said.
Responding to the Microsoft Exchange attack, the FBI “leaned on our private sector partnerships, identified the vulnerable machines, and learned the hackers had implanted webshells—malicious code that created a back door and gave them continued remote access to the victims’ networks.”
As the threat continues to grow, Wray says companies need to do their part to help secure the IT supply chain and work with the FBI.
“Vetting your vendors, their security practices, and knowing who’s building the hardware and software you’re granting access to your network is crucial, so push for transparency into what vendors and suppliers are doing with your data and how they will maintain it,” he said.
“We’ve seen the best outcomes in situations where a company made a habit of reaching out to their local FBI field office even before there was any indication of a problem, because that put everyone on the same page and contributed to the company’s readiness,” he added.