FYI: Video of today's congressional testimony of FBI Director Chris Wray on the current threat of Chinese government hackers to a vast array of US critical infrastructure. [8 min. long] https://www.youtube.com/watch?v=prsWw4q8XOM
It is because the question here should be "Why is critical infrastructure on an internationally accessible network?"
Chinese malware removed from SOHO routers after FBI issues covert commands
Dan Goodin - 1/31/2024, 6:34 PM
"The US Justice Department said Wednesday that the FBI surreptitiously sent commands to hundreds of infected small office and home office routers to remove malware China state-sponsored hackers were using to wage attacks on critical infrastructure."
"The routers - mainly Cisco and Netgear devices that had reached their end of life - were infected with what's known as KV Botnet malware, Justice Department officials said. Chinese hackers from a group tracked as Volt Typhoon used the malware to wrangle the routers into a network they could control. ..."
https://arstechnica.com/security/20...oho-routers-after-fbi-issues-covert-commands/
Cybersecurity Advisory
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Release Date: February 07, 2024
Alert Code: AA24-038A
"The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States."
"CISA, NSA, FBI and the following partners are releasing this advisory to warn critical infrastructure organizations about this assessment, which is based on observations from the U.S. authoring agencies’ incident response activities at critical infrastructure organizations compromised by the PRC state-sponsored cyber group known as Volt Typhoon (also known as Vanguard Panda, BRONZE SILHOUETTE, Dev-0391, UNC3236, Voltzite, and Insidious Taurus):
U.S. Department of Energy (DOE)
U.S. Environmental Protection Agency (EPA)
U.S. Transportation Security Administration (TSA)
Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)
Canadian Centre for Cyber Security (CCCS), a part of the Communications Security Establishment (CSE)
United Kingdom National Cyber Security Centre (NCSC-UK)
New Zealand National Cyber Security Centre (NCSC-NZ)"
... (In-depth analysis follows.)
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a
These actions, of course, should not come as a surprise. The US opened the doors with Stuxnet, and consolidated their actions by bugging the phones [e.g. Angela Merkel] of their allies. It seems only fair that they now are the recipients of the same actions that they instigated.