We live in uncertain times.
But nothing has done so much to bring that uncertainty home recently as a Thursday speech given by FBI Director Christopher Wray at Vanderbilt University’s “Summit on Modern Conflict and Emerging Threats”. It wasn’t just enlightening; it was eye-opening. The fact it was given less than a half hour from my home only personalized the message even more.
Wray told national security and intelligence experts and Vandy students that Chinese government linked hackers have “burrowed into critical U.S. infrastructure.”
Now, Wray said without equivocation, they’re waiting for “just the right moment to deal a devastating blow.”
Coming the same day that 911 services failed across several states, and after infrastructure “issues” with air traffic control computers and interstate pipelines, Wray’s remarks are concerning. Normally senior federal officials offer comfort, not concern when it comes to threats.
Wray continued, saying the hackers, part of an operation he called Volt Typhoon, have access to companies in telecommunications, energy, water and “other critical sectors.” He went as far as to say that 23 pipeline operators had been targeted in the hacks.
Wray pointed out the FBI and other agencies were continually battling Volt Typhoon, but refuted China’s assertion that it was hackers, not the Chinese government, behind the attacks. China, Wray said, was essentially developing the “ability to physically wreak havoc on our critical infrastructure at a time of its own choosing.”
The plan, goal to Wray, is simple: “land blows against critical infrastructure to try to induce panic.” It is part and parcel, he explained, of China’s stated goal of world financial dominance.
Today, panic never seems as distant as it once did. Wray’s remarks brought home just how tenuous the state of world affairs are today. Today, the world is interconnected. Concerns once lessened due to geography are as real and tangible as runaway freighters knocking down bridges.
Panic never seems far enough away today for people to catch a calming breath.
Wray told attendees the U.S. had been on alerts since 2011. That’s when a classic FBI-style sting operation established a “honeypot” - a false site on a corporate site where decoy documents were located.
“It took hackers all of 15 minutes to find and steal the data related to the control and monitoring systems,” Wray recounted. Since hackers “ignored financial and business-related information,” he explained, it “suggests their goals were more sinister than getting a leg up economically.”
Wray hasn’t been reluctant to share this message of late. But there’s a second part of his message: a subtle pitch for companies to cooperate with the FBI by conducting “joint, sequenced operations” to protect computer networks.
That, he says, shares “vital information about what adversaries are doing - or preparing to do- against us.”
That’s true, but the conduct of federal agencies over the past few years raised concerns as to how that “vital information” might be repurposed among attendees. Some felt there were times when cooperation made sense, but there normal times, they said, called for necessary protective barriers between business information and government access.
Wray offered simple advice on how protecting the digital portion of business: practice vigilance.
Have an incident response plan. Test and exercise that plan.
Fortify networks and devices to make them as “inhospitable” as possible.
He also encouraged businesses to keep wary eyes on their hardware and supply chains.
“Vetting your vendors, their security practices, and knowing who’s building the hardware and software you’re granting access to your network is crucial,” he explained, “push for transparency into what suppliers and vendors are doing with your data and how they will maintain it.”
If you’ve never dealt with I/T, this might seem a bit extreme. If you have, you realize Wray’s not advocating for anything draconian. He is, in fact, only advising preparedness, not inducing panic.
If you have an external communications connection into your home or business, you have an additional door - albeit digital- for potential intrusion. That door deserves the same security as your warehouse, shop floor or offices.
Before you dismiss the idea of bad actors backdooring bothering themselves with breaking into your computer, consider what digital buying, banking or brokering you do via that digital door. Be prepared to realize that you’ve only protected parts of your home or business.
Being prepared in today’s world means taking steps to protect your family from both analog and digital threats.
As always, we’ll keep you posted.
— Jim Shepherd