The Chinese military is ramping up its ability to disrupt key American infrastructure, including power and water utilities as well as communications and transportation systems, according to U.S. officials and industry security officials.
Hackers affiliated with China’s People’s Liberation Army have burrowed into the computer systems of about two dozen critical entities over the past year, these experts said.
The intrusions are part of a broader effort to develop ways to sow panic and chaos or snarl logistics in the event of a U.S.-China conflict in the Pacific, they said.
Among the victims are a water utility in Hawaii, a major West Coast port and at least one oil and gas pipeline, people familiar with the incidents told The Washington Post. The hackers also attempted to break into the operator of Texas’s power grid, which operates independently from electrical systems in the rest of the country.
Several entities outside the United States, including electric utilities, also have been victimized by the hackers, said the people, who spoke on the condition of anonymity because of the matter’s sensitivity.
None of the intrusions affected industrial control systems that operate pumps, pistons or any critical function, or caused a disruption, U.S. officials said.
But they said the attention to Hawaii, which is home to the Pacific Fleet, and to at least one port as well as logistics centers suggests the Chinese military wants the ability to complicate U.S. efforts to ship troops and equipment to the region if a conflict breaks out over Taiwan.
These previously undisclosed details help fill out a picture of a cyber campaign dubbed Volt Typhoon, first detected about a year ago by the U.S. government, as the United States and China struggle to stabilize a relationship more antagonistic now than it has been in decades.
Chinese military commanders refused for more than a year to speak to American counterparts even as close-call intercepts by Chinese fighter jets of U.S. spy planes surged in the western Pacific. President Biden and Chinese President Xi Jinping agreed only last month to restore those communication channels.
“It is very clear that Chinese attempts to compromise critical infrastructure are in part to pre-position themselves to be able to disrupt or destroy that critical infrastructure in the event of a conflict, to either prevent the United States from being able to project power into Asia or to cause societal chaos inside the United States —
to affect our decision-making around a crisis,” said Brandon Wales, executive director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). “That is a significant change from Chinese cyber activity from seven to 10 years ago that was focused primarily on political and economic espionage.”
Morgan Adamski, director of the National Security Agency’s Cybersecurity Collaboration Center, confirmed in an email that Volt Typhoon activity “appears to be focused on targets within the Indo-Pacific region, to include Hawaii.”