Vital Warning Issued by the FBI and CISA to Secure Against China's Escalating Cyber Threats
The FBI has issued a stark warning about the evolving national threat posed by Chinese government-sponsored cyber activities, emphasizing the need for immediate attention, awareness, and action. FBI Director Christopher A. Wray addressed lawmakers, underscoring the Chinese government's relentless pursuit of American intellectual property through methods ranging from cyberattacks to traditional espionage. Notably, the scope of these malicious activities now extends to critical infrastructure, including water treatment plants, electrical grids, oil and natural gas pipelines, and transportation systems, posing a significant risk to the nation. Wray's warning strikes a balance, acknowledging the nation's adept capabilities to defend against offensive Chinese cyber activity while emphasizing, "I do want the American people to know that we cannot afford to sleep on this danger."
Wray's testimony highlighted a recent discovery in which the FBI identified Wi-Fi routers infected with malware originating from a Chinese government-sponsored hacking group, Volt Typhoon. This proficient threat group demonstrated capabilities to infiltrate critical infrastructure sectors, such as communications, energy, transportation, and water. While the FBI managed to disrupt Volt Typhoon, the threat persists, requiring ongoing vigilance and resources.
To mitigate these threats, the FBI is actively investing in enhancing its capabilities, including cybersecurity and criminal investigations, as well as building partnerships with public and private sectors and international allies. The President's Fiscal Year 2024 Budget Request includes additional funding to support these efforts.
In a related advisory, CISA has collaborated with the FBI to address the issue of malicious cyber actors exploiting insecure small office/home office (SOHO) routers, with a particular focus on the Chinese-backed Volt Typhoon group. These actors compromise SOHO routers by exploiting software vulnerabilities, using them as launchpads for further attacks, including those targeting critical infrastructure. The advisory emphasizes the importance of "secure by design" principles for manufacturers, urging them to prioritize security during product development and maintenance, automate security updates, and enhance default security configurations. This approach is essential to counter the threat of Volt Typhoon and other cyber threats effectively.