Thursday, November 21, 2024

FBI disrupts Chinese cyber operation targeting critical infrastructure in the US

0
FBI disrupts Chinese cyber operation targeting critical infrastructure in the US


WASHINGTON — The FBI has disrupted a group of Chinese hackers who were working at the direction of the Chinese government to infiltrate critical infrastructure in the U.S. and other countries and to spy on and steal data from universities, government agencies and others, Director Chris Wray said Wednesday.

The hacking campaign known as Flax Typhoon installed malicious software on thousands of internet-connected devices, including cameras, video recorders, and home and office routers, to create a massive botnet — a network of infected computers.

“Flax Typhoon’s actions caused real harm to its victims, who had to devote precious time to clean up the mess when they discovered the malware,” Wray said at the Aspen Cyber Summit.

The FBI and Justice Department, which obtained a warrant to seize the botnet’s infrastructure, did not identify any of the targets by name but said they included universities, government agencies, telecommunications providers, media organizations and nongovernmental organizations. Half of the hijacked devices were located in the U.S., Wray said.

“This was another successful disruption, but make no mistake — it’s just one round in a much longer fight,” Wray said. “The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies, and we’ll continue to work with our partners to identify their malicious activity, disrupt their hacking campaigns, and bring them to light.”

Flax Typhoon was described in a Microsoft report in August 2023 that said the group had stepped up its targeting of Taiwanese organizations as well as government agencies in other countries.

The disruption was revealed nine months after Wray disclosed to Congress a separate takedown of a Chinese state-sponsored hacking group known as Volt Typhoon, in which U.S.-based small office and home routers owned by private citizens and companies were hijacked by hackers to cover their tracks as they sowed the malware. Their ultimate targets included water treatment plants, the electrical grid and transportation systems across the U.S.

Leave a Reply

Your email address will not be published. Required fields are marked *