China’s Attacks On Critical Infrastructure Tip Of Iceberg
The head of the Cybersecurity and Infrastructure Security Agency (CISA) described Chinese cyberattacks against U.S. critical infrastructure as the most serious threat to the nation she has seen in her 30-plus year career.
CISA Director Jen Easterly made the assessment in front of lawmakers during an April 30 hearing of the House Appropriations Subcommittee on Homeland Security while responding to questions about a proposed boost to CISA’s annual budget.
Under the fiscal 2024 budget proposed by President Joe Biden, funding for CISA would increase by $150 million to $3.01 billion. Easterly said a sizable portion of the increase would go towards strengthening the agency’s cyber threat hunting capabilities, with an emphasis on better securing critical infrastructure.
During the past fiscal year, CISA’s hunt teams conducted 97 engagements across federal, state, local and private critical infrastructure entities covering multiple sectors, including communications, water, power and transportation.
The engagements helped unearth Volt Typhoon, a Chinese advanced persistent threat group responsible for infiltrating several critical infrastructure systems.
Despite the hunt teams’ successes, Easterly said the threats CISA and its partners were able to discover and eradicate from critical systems were feared to be just “the tip of the iceberg” in terms of the extent of foreign infiltration.
“We’ve long been focused on cyber threats. Typically, it’s been about data theft, intellectual property theft, espionage. Over the past year we have seen this evolution to pre-positioning into critical infrastructure, specifically for disruption and destruction,” she said.
“We believe that this is just the tip of the iceberg and so we are working with critical infrastructure owners and operators across the country to make sure that they understand this threat, that they can identify and detect this threat in their network, and that they can put in place mitigations that can allow them to reduce the risk of potential mass disruption.”
She told the subcommittee the situation represented “the most serious threat to our nation that I have seen in more than 30 years in the U.S. government.”
Easterly is not alone in expressing grave concerns about China’s recent actions. Officials have intensified their warnings about China’s cyberespionage efforts since last year’s discovery of Volt Typhoon’s multifaceted campaign. FBI director Christopher Wray has called the threat posed by Chinese actors “unprecedented.”
During Tuesday’s House hearing, subcommittee member Rep. Dan Newhouse, R-Wash., asked Easterly if CISA had ever discovered any Chinese-produced technology that it did not consider a cyber risk.
“I would have to say no to that,” she replied.
“I think just broadly we have to assume from everything that we are seeing that there is a very serious risk from Chinese cyber actors and we need to be very mindful of that when we’re building and deploying and using technology infrastructure.”
Easterly said another major chunk of the budget boost CISA was hoping for would go toward growing its field force — staff devoted to advising organizations she described as “target rich, cyber poor.”
As custodians of significant amounts of data or control over critical infrastructure, but with their limited IT budgets, organizations across sectors including education, health and water services benefited significantly from CISA’s guidance and assistance with services including vulnerability scanning, she said.
“We work together [with other agencies] to do probably over a thousand engagements now across the country working with these target rich, cyber poor entities — frankly, the ones who have been the victim of the scourge of ransomware — and we’ve really been able to help them improve their security and resilience by putting very basic things in place,” Easterly said.
“Ransomware is still in a pretty bad place — but I’ll tell you it would be much, much worse if we didn’t use the [CISA] budget to be able to help shore up some of these target rich, cyber poor entities across the country.”
READ MORE HERE