Jen Easterly, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), warned members of Congress on Jan. 31 that the electric grid remains a prime target for China’s cyber warfare forces intent on causing “societal panic” in a future conflict with the U.S.
Easterly spoke during a hearing on Capitol Hill before the House of Representatives’ Select Committee on the Chinese Communist Party. She was joined by Gen. Paul Nakasone, commander of U.S. Cyber Command; FBI Director Christopher Wray; and National Cyber Director Harry Coker Jr. The hearing focused on China’s ability and willingness to disrupt critical U.S. infrastructure in order to sap Americans’ will to respond to a Chinese invasion of Taiwan.
Chinese President Xi Jinping reportedly told President Joe Biden recently that his country is preparing to reunify with Taiwan and is willing to use force to do so. Easterly told the committee that in recent years, CISA has “seen Chinese cyber actors … burrowing deep into our critical infrastructure to enable destructive attacks in the event of a major crisis or conflict.”
As evidence that “the threat is not theoretical,” Easterly and her fellow panelists cited Volt Typhoon, a cyber actor connected to China by CISA and other security organizations that was accused last year of infiltrating U.S. critical infrastructure organizations disguised as legitimate users, a technique called “living off the land.” (See NERC Issues Cybersecurity Data Request.)
Wray noted to the committee that the FBI had “shut down” Volt Typhoon in an operation announced that day but warned that cyberattacks remain a potent part of the Chinese leadership’s “whole-of-government campaign” against the U.S. Echoing Easterly’s assessment of China’s cyber plans, he called the country’s cyber posture “the defining threat of our generation.”
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities,” Wray said. “If or when China decides the time has come to strike, they’re not [going to be] focused just on political or military targets. … Low blows aren’t just a possibility in the event of a conflict. Low blows against civilians are part of China’s plan.”
Wray described the threat from China’s state-sponsored hackers as overwhelming, saying in his opening remarks that even if all of the FBI’s cybersecurity specialists focused on China, the country’s “hackers would still outnumber FBI cyber personnel by at least 50 to 1.” Under questioning from Chair Mike Gallagher (R-Wis.), Wray said China’s willingness to recruit cyber criminal gangs would likely make the disparity even greater in a crisis.
Following up on Wray’s remarks, Nakasone asserted that the U.S. cybersecurity agencies are not without their own “force multiplier” in the form of partnerships with the private sector, which he described as a source of justifiable concern for his Chinese counterparts.
“They may have 50 to 1, but when we have the private sector, we outnumber them,” Nakasone said.
Rep. Kathy Castor (D-Fla.) focused on the energy sector in her question time, asking Easterly for her impression of the response from “the fractured nature of public and private entities.” Easterly responded by praising energy utilities, particularly for the high degree of participation by company CEOs in CISA’s cybersecurity activities.
“You do not see that across every sector, and that really shows that CEOs in the energy sector understand this issue and understand the need to make significant investments in cybersecurity and cyber resilience,” Easterly said. She added that the connections established during CISA’s “very aggressive” outreach to industry before and during Russia’s invasion of Ukraine in 2022 have continued to pay off as concerns rise about China’s intentions.