Ongoing Cyber Threat: China’s Hackers Consistently Target US Water and Electricity Supplies

Matt Burgess Dhruv Mehrotra

An indictment from the US Department of Justice may have solved the mystery of how disgraced cryptocurrency exchange FTX lost over $400 million in crypto. The indictment, filed last week, alleges that three individuals used a SIM-swapping attack to steal hundreds of millions in virtual currency from an unnamed company. The timing and the amount stolen coincides with FTX’s theft. Meanwhile, in a letter obtained by WIRED this week, seven lawmakers have demanded the DOJ stop funding biased and inaccurate predictive policing tools until the agency has a way to ensure law enforcement won’t use them in a way that has a “discriminatory impact.”

In Florida, prosecutors say a 17-year-old named Alan Winston Filion is responsible for hundreds of swatting attacks around the United States. The news of his arrest was first reported by WIRED days before law enforcement made it public. It was the culmination of a multi-agency manhunt to piece together a trail of digital breadcrumbs left by the teenager. In Ukraine, unmanned aerial vehicles have been powerful tools since the Russian invasion began in February 2022. But as the war rages on, another kind of unmanned robot has increasingly appeared on the front-lines: the unmanned ground vehicle, or UGV.

For months lawyers affiliated with an India based hacker-for-hire firm called Appin Technology have used legal threats to censor reporting about the company’s alleged cyber mercenary past. The EFF, Techdirt, MuckRock, and DDoSecrets are now pushing back, publicly sharing details for the first time about the firm’s efforts to remove content from the web. It’s a dangerous world out there, so we’ve also got a list of some major patches issued in January that you can use to update your devices to keep them secure.

And there’s more. Each week, we emphasize the news we didn’t extensively cover ourselves. For full reports, click on the following headlines. Stay safe.

Western security personnel have repeatedly expressed concerns about China’s large-scale data acquisition and the infiltration of sensitive systems by its hackers. This week, Christopher Wray, FBI Director, brought to light that hackers associated with the Chinese Communist Party, are persistently putting US critical infrastructure under attack. The targeted infrastructure includes oil and gas pipelines, water treatment plants, and the electrical grid. His testimony, presented before a House subcommittee discussing China-related matters, was revealed concurrently when the FBI announced that they managed to remove malware from numerous home and office-based routers, previously manipulated by the Chinese hacking group Volt Typhoon.

Wray stated, during his public address, that Chinese hackers were positioning themselves against the US infrastructure with an intent to cause substantial harm and spread chaos among American citizens and local communities. He further highlighted that these actions against civilians are part of China’s orchestrated plan. Stressing the magnitude of China’s hacking operation, Wray claimed it to be larger than every other principal nation combined. He also established that even if all cyber-focused FBI agents were assigned to address China-related issues, the FBI would still be outnumbered by at least a 50 to 1 ratio.

Although worries about the magnitude of China’s espionage and cyber operations aren’t a novel concern, American intelligence agencies have been progressively outspoken and anxious about critical establishments being targeted by not only Volt Typhoon but by other groups as well. The NSA had previously warned in November that the threat is profoundly sophisticated and widespread. Back in May 2023, Microsoft made it public that they had been noticing Volt Typhoon breaching into US state communications, transportation infrastructure, and various other critical sectors, including Guam.

Medea Giordano

Aarian Marshall

Jennifer M. Wood

David Gilbert

The FBI and DOJ have this week revealed that they remotely removed the KV Botnet malware from hundreds of routers infected by Volt Typhoon. The affected routers, produced by Cisco and Netgear, were nearing the end of their useful life, but were being utilised as part of larger operations.

The Volt Typhoon malware allowed China to obscure, among other activities, pre-operational reconnaissance and network exploitation against our critical infrastructure like our communications, energy, transportation, and water sectors. It isn’t the first time US officials have acquired a court order to remotely wipe devices infected by hackers, but the action is nonetheless uncommon.

Since cryptocurrencies first appeared more than a decade ago, there has been a belief that these blockchain-based digital currencies are anonymous and untraceable. In actuality, they are very traceable. Research has indicated how individuals can be associated with the transactions they make, and legal authorities have used such methods to aid in busting illegal dark web markets and apprehending pedophiles. Nonetheless, a few privacy-focused cryptocurrencies, like Monero, that appear to be less traceable than Bitcoin are in existence. These are increasingly being used by distributors of child sexual abuse materials.

In recent news, investigators in Finland revealed that Moreno-tracing assisted in uncovering the identity of a hacker purportedly responsible for a 2020 attack on psychotherapy company Vastaamo where thousands of patient records were stolen and threatened to be leaked in the absence of a ransom payment. The National Bureau of Investigation in Finland claims they used heuristic analysis to infer the destination of moved funds. They did not reveal how they supposedly traced the Monero payments, nonetheless, it adds to the growing body of evidence hinting at the capabilities of cryptocurrency tracing firms and investigators to track such currency.

Recently, planes soaring over Europe have experienced an increase in accuracy issues with navigation GPS systems. The head of Estonia’s Defense Forces has attributed this interference to Russia in an interview with Bloomberg. Russia may be testing its electronic warfare capabilities and “learning” the most effective methods, claims Martin Herem. Throughout Europe, particularly in the Baltics region, GPS jamming has reportedly increased, with Finland reporting significant disturbances in December and pilots consistently reporting issues with their navigation systems.

In 2017, the Vault 7 leaks exposed some of the CIA’s most sophisticated hacking tools, including how the agency could compromise routers, phones, PC, and TVs. Joshua Schulte, a former CIA engineer in the agency’s Operations Support Branch who prosecutors identified as being behind the data breach and responsible for leaking the materials to Wikileaks, was convicted in numerous trials in recent years. Schulte, who denied the allegations, has been sentenced to 40 years in prison for the espionage and also for possessing thousands of child abuse images. Judge Jesse Furman, sentencing Schulte, said he had caused “untold damage to national security.” In June 2022, The New Yorker published this comprehensive investigation into the data breach and Schulte’s troubled history working at the agency.

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Article

Demystifying 802.11x: An Explanation of Wi-Fi Standards and Speeds

Next Article

Canalys Predicts Strong Growth and Optimism in the MSP Sector: A Detailed Study

Related Posts