The Chinese government would likely consider destructive or disruptive attacks on American critical infrastructure assets if it believed the U.S. was likely to intervene during a potential Chinese invasion of Taiwan, warned CISA Director Jen Easterly at a cybersecurity conference this past weekend.
Easterly stressed the escalation was alarming because U.S. officials spent more than a decade defending against Chinese cyber attacks that focused on the theft of financial and technological data as well as attacks for espionage purposes. However, more recently, Chinese threat actors have been positioning themselves to conduct destructive cyberattacks on U.S. critical infrastructure. Easterly’s comments echoed several other reports from earlier this year about China’s potential to conduct destructive cyberattacks. In May, for instance, Microsoft warned threat actors affiliated with the Chinese government were targeting critical U.S. infrastructure and developing the capabilities to disrupt their operations, specifically on military bases on the island of Guam. Then, last month, the New York Times reported the U.S. government had discovered that Chinese threat actors had gained access to the networks of power grids, communications systems, and water supplies for military bases within the U.S. and abroad. The threat actors affiliated with campaigns, tracked as Volt Typhoon, have employed a technique called “living off the land,” where they use victims' existing computer processes rather than introducing new malicious software, which makes them harder to detect. The tactics, techniques, and procedures and indicators of compromise were highlighted in a joint Cybersecurity Advisory (AA23-144a) published in May.
“I hope that people are taking seriously a pretty stark warning about the potential for China to use their very formidable capabilities in the event of a conflict in the Taiwan Straits to go after our critical infrastructure,” Easterly told the conference. Read more at The Record.