Select Committee on CCP holds hearing on Chinese threat to American homeland, infrastructure
The Select Committee on the Chinese Communist Party (CCP) conducted a hearing on Wednesday to address the CCP’s threat to the American homeland. The objective of this move is to increase awareness and emphasize the risks associated with nation-state hackers who possess the ability to inflict significant damage and real-world harm on Americans. These actors achieve this by launching destructive cyber attacks that specifically target U.S. critical infrastructure and supply chains.
U.S. Rep. Mike Gallagher, a Republican from Wisconsin, and Rep. Raja Krishnamoorthi, a Democrat from Illinois, chairman and ranking member of the Select Committee on the Chinese Communist Party, held a hearing. The witnesses at the hearing included Paul Nakasone, U.S. Cyber Command Commander General; Christopher Wray, FBI director; Jen Easterly, CISA director; and Harry Coker, National Cyber Director.
The Select Committee on the CCP is committed to working on a bipartisan basis to build consensus on the threat posed by the CCP and develop a plan of action to defend the American people, its economy, and its values.
“For over 20 years, the CCP has been attacking us —our government, our defense contractors, our technology firms —in cyberspace,” Gallagher outlined in his opening statement. “For a long time, these attacks were focused on theft, robbing us of invaluable technology that was then used to drive China’s military modernization. Another focus of attack has been gathering sensitive information on hundreds of millions of Americans,” he added.
Identifying that this wasn’t enough for the CCP, Gallagher said that in the past few years, “our intelligence and cybersecurity agencies have discovered that the CCP has hacked into American critical infrastructure for the sole purpose of disabling and destroying our critical infrastructure in the event of a conflict, likely over Taiwan.”
Gallagher detailed that Chinese hackers have put malware in water utilities, oil and gas pipelines, power grids, and other utilities in westernmost territories and across the American homeland.
“It is time to wake up and recognize the full scope and scale of the PRC cyber threat to America. This is not just a government problem,” Gallagher identified. “This is a whole of society problem. It will take unprecedented collaboration between the public and private sectors to create the kind of layered cyber deterrence we need to prevent disaster.”
Ranking Member Krishnamoorthi said that “CCP hackers even attempted to access the Texas electric grid. The purpose was to install malware that once activated would disrupt and damage the infrastructure… to potentially harm us in a time of conflict.”
“While cyberspace threats have increased, our force to counter these threats are stronger and more capable. USCYBERCOM and NSA are using our capabilities and partnerships to deny the PRC opportunities, frustrate their strategic efforts, and systematically eradicate intrusions,” Nakasone wrote in his written statement. “One significant contribution in our ability to counter these threats is our relationship with the private sector. USCYBERCOM and NSA’s partnerships with industry have underpinned the U.S. Government’s ability to track, detect, and mitigate PRC’s activity against U.S. infrastructure at scale.”
Nakasone pointed out that one example of the impact of these strong relationships was demonstrated in the May 2023 Cybersecurity Advisory, which was the first documented PRC activity against U.S. critical infrastructure, referred to publicly as Volt Typhoon. “For the first time ever, 11 different industry partners co-sealed the NSA advisory along with our interagency partners. Additionally, other industry partners contributed behind the scenes in partnership with the Cybersecurity Collaboration Center.”
Easterly said that over the last two years, “we have become increasingly concerned about a strategic shift in PRC malicious cyber activity against U.S. critical infrastructure. As the Director of National Intelligence highlighted last year,1 the PRC is accelerating the development of military capabilities—including cyber operations—it believes are needed to deter and confront the United States.”
“We are deeply concerned that PRC actors—particularly a group referred to in industry reporting as Volt Typhoon—are seeking to compromise U.S. critical infrastructure to pre-position for disruptive or destructive cyber attacks against that infrastructure in the event of a conflict to prevent the United States from projecting power into Asia or to cause societal chaos inside the United States,” Easterly added. “Our intelligence community has noted that some of the entities impacted by this activity are not targeted for their intelligence value, but are instead targeted for potential disruptive or destructive attacks.”
Easterly also flagged that working with government and industry partners, “we are assisting several critical infrastructure entities across multiple sectors that already have been compromised by Volt Typhoon actors. In many cases, the PRC actors are maintaining presence on victim organization networks by using advanced techniques that make finding and remediating such intrusions more challenging than with more commonly used tactics.”
Wray emphasized that sharing information and enabling partners is part of the FBI’s continued move away from pursuing only indictments and arrests and towards a playbook “where we work with government and industry partners around the world to execute joint, sequenced operations. That is how we impose the greatest possible costs on our adversaries and best protect our country.”
He added that the willingness of the Department of Justice (DoJ), including the FBI, to publicly attribute and expose damaging cyber intrusions by Russia, China, Iran, and North Korea has undermined those governments’ denials and created a platform for U.S. allies to condemn destabilizing cyber activity and impose costs of their own. “Our decisions on how best to disrupt a cyber threat are guided by an assessment of which actions will most strengthen cybersecurity, regardless of who takes the shot or gets the credit.In coordination with our partners, the FBI has successfully disrupted numerous nation-state campaigns and cybercriminal enterprises.”
Wray pointed out that “continued success will require repeated operations with our U.S. counterparts and foreign allies, and we must eliminate the sense of impunity many of these actors currently feel. Yes, the cyber threat is daunting, but when we combine the right people, the right tools, and the right authorities, we best protect our critical infrastructure.”
NCD’s Coker said that improving the cybersecurity posture and resilience of critical infrastructure is a key pillar of the President’s National Cybersecurity Strategy. “In conjunction with our other work to disrupt and dismantle threat actors; shape market forces to drive security and resilience; invest in a resilient future; and forge international partnerships to pursue shared goals, we are making progress to achieve the bold vision the President set out for the country.”
He added “But we will not achieve that vision –and take back the initiative from PRC threat actors–without the foundational partnerships we rely on, including with Congress. Further strengthening those partnerships is a key priority of mine and of the Administration. Cybersecurity requires unity of effort.”
Related
