US says it broke up China-backed infrastructure hacking op
US authorities said Wednesday they had dismantled a network of hackers known as Volt Typhoon, which was targeting key American public sector infrastructure like water treatment plants and transportation systems at the behest of China.
FBI Director Christopher Wray explained the operation in testimony before a congressional committee on US-China competition, and the Justice Department offered more details in a statement.
In May 2023, the United States and its allies had accused Volt Typhoon, described as a "statesponsored hacking group" backed by China, of infiltrating critical US infrastructure networks -claims rejected by Beijing.
"Just this morning, we announced an operation where we and our partners identified hundreds of routers that had been taken over by the PRC statesponsored hacking group known as Volt Typhoon," Wray told lawmakers, referring to China by its official acronym.
"The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation and water sectors."
Wray accused the hackers of readying to "wreak havoc and cause real-world harm to American citizens and communities."
"If and when China decides the time has come to strike, they're not focused just on political or military targets," he added. "Low blows against civilians are part of China's plan."
Assistant Attorney General Matthew Olsen, who works in the Justice Department's national security division, said access to US infrastructure sought by Volt Typhoon was something China "would be able to leverage during a future crisis."
The US operation to disrupt the hackers was authorized by a federal court in Texas, the Justice Department said in its statement.
By taking control of hundreds of routers, which were vulnerable as they were no longer supported by their maker's security patches or software updates, the hackers sought to disguise the origin of future China-based hacking activities, it said.
The operation succeeded in wiping the malware from the routers, without impacting their legitimate functions or collecting any information, it added, while saying there was no guarantee the routers could not be reinfected.
Asked about the allegations on Thursday, Beijing said the US had "made groundless accusations and smeared China without any evidence".
"This is extremely irresponsible and purely confuses right and wrong," foreign ministry spokesperson Wang Wenbin said.
"The US is the origin of and the expert on cyber attacks," he told a regular press briefing. — AFP