FBI Director Christopher Wray cautioned on Thursday that hackers associated with the Chinese government are waiting for "just the right moment to deliver a devastating blow" to critical infrastructure in the U.S.
During a speech at Vanderbilt University, Wray revealed that the Chinese hacking group, Volt Typhoon, has infiltrated numerous American companies operating in critical sectors such as energy and water.
He was speaking at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats.
At the event, National Security Agency Director Gen. Timothy D. Haugh also cautioned that China has been actively establishing access to critical networks in the United States ahead of any potential direct confrontation between the two nations.
Volt Typhoon has been operational since mid-2021, targeting a wide range of sectors including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education.
Wray said that China possesses the capability to inflict substantial damage on U.S. critical infrastructure at a time of its choosing.
China's hackers employ a network of botnets—collections of compromised personal computers and servers scattered worldwide—to camouflage their nefarious cyber operations, the FBI director said.
He added that the hackers have devised a strategy to target civilian infrastructure deliberately, aiming to induce panic. Wray said it is difficult to know the intent behind these preparations, but they coincide with China's overarching objective of impeding U.S. efforts to safeguard Taiwan.
China claims territorial sovereignty over Taiwan, a democratic entity, and has consistently refused to renounce using force to assert control over the island. Taiwan rejects China's claims of sovereignty and insists that the decision of its future lies solely with the people of the island.
A spokesperson from the Chinese Ministry of Foreign Affairs stated earlier this week that Volt Typhoon is not affiliated with the Chinese government but rather operates as a criminal ransomware group.
However, security researchers from Microsoft and Google have previously linked Volt Typhoon to China.
About a year ago, Microsoft published a report revealing that Volt Typhoon had been infiltrating the credentials and network systems of critical infrastructure entities in the U.S. Microsoft said the group's objective is to conduct espionage on organizations and penetrate their networks with the aim of remaining undetected for as long as possible.