There are reported attempts by the Chinese military to infiltrate critical infrastructure in the United States, encompassing power and water utilities, communication networks, and transportation systems, according to warnings from US government officials and cybersecurity experts. Hacking groups purportedly linked to China's People's Liberation Army (PLA) have allegedly breached the computer systems of approximately two dozen crucial entities in the past year. This purported intrusion is seen as part of a broader strategy aimed at creating panic, chaos, or disrupting logistics in the event of a conflict between the US and China in the Pacific, as stated by the US government and industry authorities.
The reported targets of these Chinese hackers include a water utility in Hawaii, a major West Coast port, at least one oil and gas pipeline, and an attempted breach into the operator of Texas's independent power grid. Although there have been numerous attacks on entities outside the US, such as electric utilities, US officials assert that none of these intrusions impacted industrial control systems or caused disruptions to critical functions.
Experts suggest that the Chinese military's objective is to complicate US efforts to transport troops and equipment to the Indo-Pacific region in the event of a conflict, particularly related to Taiwan. The revelations, detailed in The Washington Post, provide further insight into China's Volt Typhoon cyber campaign, initially detected about a year ago by US authorities. The National Security Agency’s Cybersecurity Collaboration Center acknowledged that Volt Typhoon activity appears to focus on targets within the Indo-Pacific region, including Hawaii.
The hackers allegedly deploy tactics to obscure their tracks, routing their attacks through seemingly innocuous devices like home or office routers before reaching their targets. Their primary objective is believed to be the theft of employee credentials, enabling them to pose as normal users and facilitate prolonged, undetected access. Although the methods of entry employed by these hackers are not fully determined, there is a consensus among experts that their goal is to establish and maintain access without raising suspicions.
