Homeland Security Committee Chairman Rep. Mark Green (R-TN) and Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino (R-NY) released a joint statement that said a Chinese state-sponsored cyber tool, Volt Typhoon, was infiltrating U.S. systems.
“We are extremely concerned by the news of Chinese state-sponsored malicious activity against U.S. critical infrastructure networks, and the activity in Guam is especially concerning considering the heightened risk to the U.S. military. Just this year, the intelligence community warned about the grave threat posed to America’s critical infrastructure by the Chinese Communist Party (CCP) in its annual threat assessment,” Green and Garbarino’s statement said. “It is clearer than ever that our adversaries in Beijing will stop at nothing to conduct surveillance and infiltrate our networks in their quest to bring America to its knees, and this malicious activity is one more stark example.”
Microsoft discovered the breach and reported Volt Typhoon was after critical infrastructure systems, attempting to gather information without being detected, the statement said.
“Our committee is charged with securing the homeland, and we must be nimble to address the increasingly complex threats we face within the cyber domain. It is extremely concerning to see adversaries using built-in network administration tools within the domestic infrastructure to carry out these attacks. Critical infrastructure owners and operators across the U.S. should implement the mitigation recommendations listed in the advisory as soon as possible to prevent cascading impacts across these critical sectors that support our economy and way of life,” their statement said. “As Chairman of the Homeland Security Committee and Chairman of the Subcommittee on Cybersecurity and Infrastructure Protection, we will request a briefing to better understand the scope of this activity and the resources needed to defend against any renewed threat. Congress must do everything it can to empower and equip CISA to support critical infrastructure owners and operators to defend their networks. The time for decisive action is now.”
Green and Garbarino released the statement in a joint Cybersecurity Advisory (CSA) by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and FBI, saying that this cyber activity of Volt Typhoon poses a real threat and shows that China has no boundaries.
Green and Garbarino’s statement quoted the 2023 Annual Threat Assessment from the Office of the Director of National Intelligence, which said, “China probably currently represents the broadest, most active, and persistent cyber espionage threat to U.S. Government and private-sector networks.”
The Washington Examiner reported that officials are alarmed particularly about the cyber-attacks on Guam, as it threatens American military operations in the Indo-Pacific.
Microsoft reported that Volt Typhoon has been collecting data since 2021 for China. Volt Typhoon has mainly used a technique known as “living off the land” to emphasize stealth in its operations.
Garbarino and Green’s statement emphasized the importance of the “cyber domain” to protect the homeland. They said that the intelligence community warned about the threat that China posed. The “Chinese state-sponsored cyber activity by Volt Typhoon is that warning fulfilled.”
