China /

Defense Officials Hunting Down Chinese Malware Hidden In U.S. Critical Infrastructure

Congressional official calls the malicious code 'a ticking time bomb'

U.S. officials are scrambling to identify malicious code that China may have embedded in infrastructure that controls U.S. power grids, communications, and water supplies that feed military brs in the U.S and around the globe.

A congressional official who spoke with the New York Times called the malware “a ticking time bomb” that could give China the ability to disrupt U.S. military deployments or resupply operations.

Suspicion over the malware began in May, after Microsoft warned of malicious activity targeting military facilities in Guam and the U.S.  According to the computer giant, China was leveraging a cyber actor known as Volt Typhoon that focused on espionage and information gathering, and was developing capabilities that could disrupt U.S. critical infrastructure during a future crisis.

Officials who spoke with the Times said the Chinese effort predates the report by at least a year, while adding that the U.S. government’s effort to track down the code has been ongoing for some time.

The officials, who spoke on condition of anonymity, acknowledged that the Chinese effort is more widespread than they initially thought, stating that American defense personnel don’t know the full extent of the code’s presence in global networks because of how well it is hidden.

“Cyber actors find it easier and more effective to use capabilities already built into critical infrastructure environments. A PRC state-sponsored actor is living off the land, using built-in network tools to evade our defenses and leaving no trace behind,” Rob Joyce, National Security Agency (NSA) Cybersecurity Director, said in a joint-statement addressing the cyber-threat in May. “That makes it imperative for us to work together to find and remove the actor from our critical networks.”

Last month, NSA Deputy Director George Barnes said, “China is steadfast and determined to penetrate our governments, our companies, our critical infrastructure.”

“We have consistently made clear that any action that targets US government, US companies, American citizens, is a deep concern to us and that we will take appropriate action to hold those responsible accountable and the secretary made that clear again,” a senior State Department official told CNN.

*For corrections please email [email protected]*