Potential Chinese cyber offensives pose a serious risk to vital pipelines and transportation systems in the face of open conflict, warns CISA director Jen Easterly. U.S. cybersecurity bodies and law enforcement agencies have repeatedly expressed concerns over China's cyber capabilities for months amidst escalating tensions over the Taiwan Strait.
Chinese hackers had managed to breach critical U.S. military and private sector infrastructure earlier this year. The U.S. chief cybersecurity official characterized China's cyber espionage and sabotage skills as a "defining threat of our era." She emphasized that in the event of open hostilities, "forceful cyber activities" could compromise crucial U.S. transportation networks "to incite societal chaos."
"The primary threat we need to brace ourselves for is this," Cybersecurity and Infrastructure Security Agency director Jen Easterly stated during a Monday event at the Aspen Institute in Washington, D.C. Easterly was responding to an inquiry about the recent revelation of Chinese breaches into U.S. military and private sector networks.
The group behind the attack, christened "Volt Typhoon" by Microsoft, was directly tied to the cyber warfare capabilities of the Chinese government. Easterly cautioned that similar hacking collectives could target pipelines and railways in the event of overt conflict between the U.S. and China. "Preventing such disruptions will be an enormous challenge for us," asserted Easterly.
"We, the American populace, must recognize not only the necessity of cyber resilience but also the crucial need for operational and societal resilience," Easterly further emphasized.
This candid alert comes amidst a period of increased geopolitical strain. Compared to just a year ago, corporate leaders have significantly less understanding of prospective Chinese collaborators or customers.
Thwarting cyber threats from China and other Asian nations has taken precedence for the U.S. government, which is now more explicitly highlighting the connections between the Chinese government and various hacking entities.
Chinese cyber intrusion and espionage remain consistent concerns for American enterprises. Intellectual property theft by Chinese corporations has been a method to level the playing field with American rivals.
Easterly's stark warning implies that the U.S. government is more prepared to emphasize the risks beyond simple espionage. Any disruption to critical pipelines, communication systems, or transportation services could debilitate the U.S. economy in the event of a conflict.
For instance, the cyber attack on the Colonial Pipeline that led to airline disruptions and fuel shortages across the East Coast. The initial cost of the Russian-led attack was $5 million to the company.
"I believe the most crucial concern for those managing or operating critical infrastructure is that we must be ready for disruptive attacks," Easterly pointed out. "I sincerely hope that it never comes to that," she added.