China wants to target critical infrastructure like water facilities and energy grids, FBI director said
Chinese state-sponsored hackers have conducted widespread cyberattacks on critical American infrastructure in recent years, intending to give the country the ability to cause “a devastating blow” against the US, according to FBI Director Christopher Wray.
“The fact is, the PRC [People’s Republic of China] targeting of our critical infrastructure is both broad and unrelenting,” he told a security conference in Nashville on Thursday, describing China’s hacking programme as growing in strength.
“It’s using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” he added.
Last year, security analysts at Microsoft identified mysterious code linked to communications systems in Guam, the US territory in the Pacific with a massive strategic air base.
Officials believe the code was the work of Volt Typhoon, a Chinese state-sponsored hacking group.
I’ll never understand how our infrastructure isn’t on a completely separate air gapped network.
Obviously they need to share data in house, but the government absolutely has the resources to run their own separate intranet that’s not at all connected to the global internet, and yet they just plug their shit into consumer lines and hope their security is up to snuff.
Sometimes an airgap isn’t enough (Stuxnet is a good example), but realistically cybersecurity is an afterthought unfortunately. Simply go onto Shodan and lookup Schneider or Allen-Bradley to see how many of these controllers are accessible directly from the internet