Join our brand new verified AMN Telegram channel and get important news uncensored!

‘Ticking bomb’ malware threatens to compromise US security

The destructive “wiper” malware seen in Ukraine. (Dreamstime/TNS)
August 06, 2023

This article was originally published by Radio Free Asia and is reprinted with permission.

The Biden administration is on the hunt for malware that may compromise military and civilian power grids, communications systems and water supplies, according to a report in the New York Times.

The malware, which is believed to have been inserted by Chinese hackers associated with the People’s Liberation Army, could seek to disrupt and slow down any reaction by the U.S. military should China move against Taiwan, U.S. officials told the Times.

One congressional official said the malware was “a ticking time bomb” that could make it possible for China to cut off power, water and communications to military bases.

The malware could equally impact the homes and businesses of ordinary Americans, the same official said.

In response to questions from the Times ahead of publication of the report, the White House released a statement Friday that refrained from directly mentioning China or the military bases.

“The Biden administration is working relentlessly to defend the United States from any disruptions to our critical infrastructure, including by coordinating interagency efforts to protect water systems, pipelines, rail and aviation systems, among others,” said Adam Hodge, acting spokesperson for the National Security Council.

The report comes just two months after Microsoft announced that the presumed Chinese hacking group Storm-0558 had not only infiltrated official email accounts of government agencies in Western Europe but had “gained access to email accounts affecting approximately 25 organizations including government agencies” in the United States.

Meeting on the margins of the Association of Southeast Asian Nations Foreign Ministers’ Meeting in Jakarta, U.S. Secretary of State Antony Blinken raised the Chinese cyberespionage attack targeting U.S. government emails with Wang Yi, China’s leading diplomat.

Blinken told Wang that any action that targets the U.S. government, U.S. companies or American citizens “is of deep concern to us, and that we will take appropriate action to hold those responsible accountable,” according to a senior State Department official.

Chinese hackers are believed to have targeted email accounts at the State Department and other agencies – including that of Commerce Secretary Gina Raimondo – from May and were discovered just before Blinken visited Beijing in June.

Disruption not surveillance

According to the Times, “more than a dozen U.S. officials and industry experts” said that it was increasingly becoming apparent that Chinese infiltration of U.S. systems went well beyond telecommunications, and that U.S. efforts to track it down and eliminate it had been underway for some time.

“Most spoke on the condition of anonymity to discuss confidential and in some cases classified assessments,” the Times wrote.

Officials said it was still unknown how pervasive the malware code was worldwide because it was particularly well hidden.

“China is steadfast and determined to penetrate our governments, our companies, our critical infrastructure,” Deputy Director of the National Security Agency George Barnes said at the Intelligence and National Security Summit earlier this month.

Relations between the U.S. and China are at an all-time nadir since the normalization of relations half a century ago, with the two superpowers clashing over Taiwan and restrictions on China’s access to high-tech semiconductor chips and both parties accusing the other of malicious activities in cyberspace.

The U.S. regularly accuses Beijing of hacker attacks against its agencies and infrastructure, and earlier this year, in a high-profile drama, it shot down a bus-size balloon off the South Carolina coast.

China routinely calls the U.S. “the biggest hacking empire and global cyber thief.”

Earlier this year a U.S. embassy spokesperson told RFA in an emailed comment: “Since last year, cyber security institutions from China and elsewhere in the world have issued reports to reveal [the] U.S. government’s cyber attacks against China over the years, but the U.S. has yet to make a response.”

Among other things, China has accused the U.S. of hacking into its telecommunications giant Huawei, which according to documents leaked by Edward Snowden it probably did.

However, the latest malware revelations suggest that China is upping its game beyond surveillance.

“The discovery of the malicious code in American infrastructure, one of Mr. Biden’s most senior advisers said, ‘raises the question of what, exactly, they are preparing for,’” the Times reported.

Microsoft first warned of the infiltration two months ago, singling out Guam – a key U.S. strategic asset in the Pacific – as a target, but later conceding that the malware is likely widely distributed and might be used to either disrupt a response by the U.S. to any regional conflict or distract the U.S. public by destabilizing local infrastructure.

In Washington, the Chinese embassy denied the veracity of the Times report.

“We have always firmly opposed and cracked down on all forms of cyberattacking in accordance with the law,” said Haoming Ouyang, an embassy spokesman.

“The Chinese government agencies face numerous cyberattacks every day, most of which come from sources in the U.S.,” he wrote, adding: “We hope relevant parties will stop smearing China with groundless accusations.”