Chinese Hackers Gained Access To Critical US Systems Under Volt Typhoon Campaign: Report

The latest hacking attempt is part of China’s Volt Typhoon cyber campaign.

Hacking groups affiliated with China have been targeting important infrastructure assets in the United States, including power and water utilities, The Washington Post has said in a report. These hackers are linked to China’s People’s Liberation Army (PLA) and have penetrated the computer systems of at least two dozen critical entities in the past year, the outlet further said, quoting US government and industry officials. Some of the services attacked include a water utility in Hawaii, a port on the US West Coast, and an oil and gas pipeline.

The Post said in its report that these intrusions are part of a broader effort by China to create chaos, cause panic and disrupt logistics in the US.

The hackers also attempted to break into Texas’ power grid, which operates independently from electrical systems in the rest of the country.

This new information gives a complete picture of China’s Volt Typhoon cyber campaign, first detected about a year ago by the US government, the outlet further said.

None of the intrusions affected any critical function or caused a disruption, but officials are concerned about the attack on Hawaii, which is home to the Pacific Fleet of the US Navy. Officials quoted by The Washington Post said the attention to Hawaii indicates that the Chinese military wants to complicate US efforts to send troops to the region if a conflict breaks out over Taiwan.

“It is very clear that Chinese attempts to compromise critical infrastructure are in part to pre-position themselves to be able to disrupt or destroy that critical infrastructure in the event of a conflict, to either prevent the United States from being able to project power into Asia or to cause societal chaos inside the United States – to affect our decision-making around a crisis,” Brandon Wales, executive director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), told The Washington Post.

“That is a significant change from Chinese cyber activity from seven to 10 years ago that was focused primarily on political and economic espionage,” he added.

What did the hackers steal?

The report said that the hackers tried to mask their tracks by passing through devices such as home or office routers before finally reaching their victims.

Their goal was to steal employee credentials so that they could return as normal users instead of through a back door.

“You’re trying to build tunnels into your enemies’ infrastructure that you can later use to attack. Until then you lie in wait, carry out reconnaissance, figure out if you can move into industrial control systems or more critical companies or targets upstream. And one day, if you get the order from on high, you switch from reconnaissance to attack,” said Joe McReynolds, a China security studies fellow at the Jamestown Foundation, a think tank.

The significance of Hawaii

The island of Oahu is home to the Pacific Fleet, and any disruption there could weaken the US’ ability to activate and move its navy in time to help Taiwan.