FBI says more cyber attacks come from China than everywhere else combined
Currently investigating over 2,000 attacks on US targets – new file every 12 hours
US Federal Bureau of Investigation director Christopher Wray has named China as the source of more cyber-attacks on the USA than all other nations combined.
In a Monday speech titled Countering Threats Posed by the Chinese Government Inside the US, Wray said the FBI is probing over 2,000 investigations of incidents assessed as attempts by China's government "to steal our information and technology."
"The Chinese government steals staggering volumes of information and causes deep, job-destroying damage across a wide range of industries – so much so that, as you heard, we're constantly opening new cases to counter their intelligence operations, about every 12 hours or so."
Wray rated China's online offensive as "bigger than those of every other major nation combined," adding it has "a lot of funding and sophisticated tools, and often joining forces with cyber criminals – in effect, cyber mercenaries."
"They're not just hacking on a huge scale but causing indiscriminate damage to get to what they want. Like in the recent Microsoft Exchange hack, which compromised the networks of more than 10,000 American companies in a single campaign alone," he added.
- Whistleblower claims NSO offered 'bags of cash' for access to US phone networks
- Russia starts playing by the rules: FSB busts 14 REvil ransomware suspects
- US bags Russian accused of bagging millions after stealing pre-release financial filings
Wray said China sometimes directs attacks by government-owned companies but doesn't have to rely on such entities because businesses are required to maintain a Communist Party Committee comprised of Party members who are placed in senior management positions. "Within China, they force US companies to partner with Chinese government-owned ones to do business in China, and then abuse and exploit those partnerships," Wray added.
"In 2015, the Chinese government publicly promised to stop handing hacked US technology to Chinese companies, but their cyber theft program kept going strong."
The director also said China has ignored the mutual 2015 no-hack pact between the Middle Kingdom and the USA.
"And in the years since, they've hit ever more companies and workers. We've seen small companies developing important medicines ransacked. We've seen big managed service providers remotely managing IT services for thousands of other businesses hacked, so the Chinese government could hijack their trusted connections with their customers and hack those companies, too."
Wray insisted that China's actions hurt the US economy – as in the case of a wind turbine maker that has shrunk from 900 to 300 staff after Chinese attackers stole some of its source code.
On the other hand, the director did say the USA and its allies have had some wins, though his sole example was action against Huawei. That company's difficulties serve as a demonstration to China that its aggression hurts its own businesses too.
"There is so much good we could do with a responsible Chinese government: crack down on cyber criminals, stop money launderers, reduce opioid overdose deaths. But at the FBI, we're focused on the reality of the Chinese government today."
Wray said the Bureau thinks a "long fight" against China is now in prospect, "and everyone involved in that fight can be certain that you will have no more committed partner than the FBI." ®
- Black Hat
- Central Intelligence Agency
- China Mobile
- China telecom
- China Unicom
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Cyberspace Administration of China
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Federal government of the United States
- Foreign Intelligence Surveillance Act
- Great Firewall
- Hong Kong
- Identity Theft
- Kenna Security
- New Mexico
- Palo Alto Networks
- Semiconductor Manufacturing International Corporation
- Trusted Platform Module
- United States Armed Forces
- United States Department of Commerce
- Uyghur Muslims
- Zero trust