The US FBI and US Department of Justice (DOJ) have used a court order to address vulnerabilities in thousands of internet-connected devices that are at the center of a Chinese hacking campaign. The campaign is targeting sensitive US critical infrastructure, two US officials and a third source familiar with the matter reported to media.
The move is part of a broader, government-wide effort to blunt the impact of a persistent Chinese hacking effort that US officials fear could hinder any US military response in the event of a Chinese invasion of Taiwan, the source familiar said. The hackers are believed to be using access to some of the devices to burrow further into sensitive critical infrastructure, things like ports and transportation networks.[1] The court order allows the DOJ to update vulnerable software used by thousands of devices in the US that are vulnerable to the Chinese hacking, the source said.
The DOJ action is an effort to undercut the Chinese hackers’ ability to communicate with some of the infrastructure used in the hacks. But the hackers are believed to be deeply entrenched in US infrastructure. “We will need to keep doing it,” the source familiar told CNN. The White House has in recent months held a series of meetings with tech firms like internet and cloud computing providers to try to better track the Chinese hackers’ activity, the source said. The DOJ and FBI declined to comment. Reuters first reported on the US law enforcement activity.
In revealing the alleged Chinese hacking campaign last year, Microsoft, whose customers were targeted, said the hackers targeted critical infrastructure in Guam, a US territory that is key to US efforts to counter and deter China’s territorial ambitions in the Pacific. The US Marine Corps last year chose Guam as the place to open its first new base in 70 years, a facility that officials expect to host 5,000 Marines.
The intrusion of the Chinese hackers into US maritime and transportation networks have alarmed senior national security officials, who believe the hackers are there not to collect intelligence but to potentially cripple computer networks in the event of a US-China conflict. A senior National Security Agency (NSA) official, has told media that the Chinese activity is “unacceptable” because of its potential disruptive effects. “I think the difference here is how brazen it is in scope and scale,” Joyce told CNN last May.
The Chinese government has denied the allegations.
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. Call for assistance. For questions, comments, a demo or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
Reporting: https://www.redskyalliance.org/
Website: https://www.redskyalliance.com/
LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5993554863383553632
[1] https://www.cnn.com/2024/01/29/politics/fbi-doj-chinese-hacking-us-infrastructure
Comments