Security Snippets: Critical infrastructure is a key target of China-sponsored hackers

Hogan Lovells

Companies should review their resiliency, vendors, suppliers, and plans for partnering with the FBI in case of a cyber event, says the FBI.


The People’s Republic of China (PRC) is positioning itself to “physically wreak havoc on our critical infrastructure at a time of its choosing,” according to FBI Director Christopher Wray.

Wray warned that every sector is at risk as the PRC plans to disrupt critical infrastructure to “induce panic and break America’s will to resist.” Highlighting the scale of China’s cyber activity, Wray noted that China’s outsized hacking program is larger than the programs of every other major nation combined.

Even in 2011, Chinese state-sponsored hackers targeted oil and natural gas operators. When faced with a honeypot of decoy documents, hackers exfiltrated sensitive organizational information and data related to supervisory control and data acquisition (SCADA) networks. The hackers left financial and business-related information behind, which led CISA and the FBI to conclude that these strategic intrusions were part of a plan by the People’s Republic of China to position itself for future operations to physically damage or otherwise disrupt pipelines.

Wray emphasized that PRC cyberattacks on U.S. critical infrastructure are “broad and unrelenting.”

Earlier this year, China-sponsored hackers known as Volt Typhoon targeted critical infrastructure in the communications, energy, transportation, and water sectors. These attackers operated a botnet to conceal their activity as they used “living-off-the-land” techniques to exploit tools on victim networks and maintain persistence. The FBI, NSA, and CISA flagged that by infiltrating critical infrastructure, the People’s Republic of China could use that network access to disrupt entire industries as part of its strategy in geopolitical tensions or military conflicts.

Companies can play a central role in protecting critical infrastructure. The FBI recommends the following measures to partner with the FBI and bolster U.S. defences against PRC cyberattacks:

  • Resiliency planning: Develop, test, and exercise an incident response plan, which should include identifying crown jewels, having a recovery plan, and contacting the FBI for assistance.
  • Hardware and supply chain transparency: Vet vendors and their security practices, and know who is building the hardware and software that will have access to the network.
  • FBI coordination: Reach out to the local FBI field office for assistance, even before there is indication of a problem, to contribute to the company’s readiness.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Hogan Lovells

Written by:

Hogan Lovells