Chinese hackers embedded in U.S. networks for years, pre-positioning for future attacks, IC warns – By David DiMolfetta (Nextgov) / Feb 7, 2024
The intelligence community used a contested surveillance tool to detect the hacking attempts.
An advisory issued by the Cybersecurity and Infrastructure Security Agency warns that China-linked hackers have been operating inside certain U.S. systems for at least five years and are preparing to carry out destabilizing cyberattacks on critical infrastructure.
The notice was published in conjunction with other Western intelligence partners, including Australia and Canada, following an FBI operation announced last week that jettisoned the China-linked Volt Typhoon hacking campaign from botnet infrastructure that was helping the cyberspies burrow inside compromised routers and other hardware.
“Our evidence strongly suggests that the PRC actors are pre positioning to launch future disruptive or destructive cyber attacks that could cause impact to national security, economic security or public health and safety,” CISA Executive Assistant Director Eric Goldstein told reporters during a briefing on the advisory.