Chinese state-sponsored hackers have infiltrated outdated Wi-Fi routers in American homes and offices in preparation for attacks on power grids and water supplies.
A U.S. government investigation has revealed that hundreds of older routers were infected with malware by a Chinese government-backed hacker group known as Volt Typhoon.
The FBI announced Wednesday that it had removed malware that had been planted on unsuspecting Americans’ routers in an effort to gain a foothold in the country’s critical national infrastructure.
The UK’s National Cyber Security Centre previously warned that hackers backed by the Chinese state were attempting to infiltrate key UK infrastructure and hide inside computers to “evade detection”.
Last May, the Five Eyes intelligence network of the UK, US, Canada, New Zealand and Australia issued a joint statement urging infrastructure providers to be wary of the Chinese threat. The warning came after Volt Typhoon hacked a US military outpost in the Pacific.
In October, Ken McCallum, the head of MI5, said there had been a “surge” in Chinese attempts to steal state secrets from Britain, warning a meeting of Western security chiefs: “Before it’s too late.”
Volt Typhoon
On Wednesday, the FBI announced that Volt Typhoon used malware to hide the fact that the hack was carried out by the Chinese government, and that the “vast majority” of affected routers were older Cisco and NetGear machines that had not received recent security updates.
Unlike previous attacks, this hack targeted internet routers in small businesses and home offices, rather than government agencies or infrastructure providers.
FBI Director Christopher Wray warned Congress on Wednesday that the Chinese government is increasingly targeting civilians.
“They are not just focused on political and military objectives. If you look at where they are located across civilian infrastructure, you can see that low-hitting is not just a possibility in the event of a conflict. We know that,” he told the House of Commons Select Committee on Competition with China.
“Low attacks on civilians are part of China’s plan. I want the American people to know that we cannot afford to remain silent about this danger.”
The commission’s chairman, Mike Gallagher, said the attack was “the cyberspace equivalent of planting bombs on America’s bridges, water treatment plants and power plants.”
“There is no economic benefit to these actions. There is no basis for collecting information,” he said. “The sole purpose is to prepare for the destruction of American infrastructure, which will inevitably result in mass American casualties.”
Hostile “botnet”
An analysis by cybersecurity firm Lumen finds that a hostile Chinese “botnet” has been active on U.S. routers for almost two years and is undetectable to users because it does not interfere with the router’s operation.
This malware infects routers and attempts to connect to other machines and spread throughout the network.
Officials say the hackers’ ultimate goal is to access infrastructure networks and disrupt Americans’ daily lives.
Government cybersecurity experts have already discovered the presence of Chinese software in aviation, water, energy and transportation infrastructure, and yesterday warned the public must prepare for unexpected attacks.
The FBI has directed manufacturers to ensure that routers automatically install security updates and require manual overrides to remove security settings.
“The Department of Justice has thwarted a group of Chinese-backed hackers who used a botnet to target America’s critical infrastructure,” said U.S. Attorney General Merrick Garland.
“The United States will continue to dismantle malicious cyber operations, including those sponsored by foreign governments, that undermine the safety of the American people.”
China had previously described U.S. accusations of sponsoring hacks of U.S. civilians as “misinformation.”