Hackers linked to the Chinese government are waiting for the right moment to “deal a devastating blow” to U.S. critical infrastructure, FBI Director Christopher Wray said Thursday.
The Chinese hacking group known as Volt Typhoon has gained access to many American companies in critical sectors, including energy, water and more, Wray said during a speech at Vanderbilt University.
China has the “ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” Wray said, first reported by Reuters.
The hackers have a plan to “land low blows against civilian infrastructure to try to induce panic,” he said.
It’s difficult to know the intent of the preparation, but it was aligned with China’s broader goal to stop the United States from defending Taiwan, Wray said.
A spokesperson from the Chinese Ministry of Foreign Affairs said earlier this week that Volt Typhoon was not part of China’s government but part of a criminal ransomware group. Security researchers with Microsoft and Google previously connected Volt Typhoon to China, Reuters noted.
Wray said the hackers have compromised personal computers and servers around the world to conceal their activities.
Nearly a year ago, Microsoft released a report that showed Volt Typhoon had been accessing credentials and network systems of critical infrastructure organizations in the U.S. Volt Typhoon has been active since mid-2021 and has targeted communications, manufacturing, utility, transportation, construction, maritime, government, information technology and education sectors.
Microsoft said the group’s goal is to spy on organizations and gain access to their networks “without being detected for as long as possible.”
National Security Agency Director Gen. Timothy D. Haugh said at the event that China was securing access to the United States’s critical networks before a direct confrontation between the two countries would occur, The New York Times reported.