Partner content
DoD: China’s ICS cyber onslaught aimed at gaining kinetic warfare advantage
China’s onslaught of cyberattacks on critical infrastructure is likely a contingency move designed to gain a strategic advantage in the event of kinetic warfare, according to the US Department of Defense (DoD).
The agency’s 2023 Cyber Strategy released this week flagged an uptick in state-sponsored cybercrime from the People’s Republic of China (PRC), specifically against sensitive targets that could have an effect on military response, in order “to counter US conventional military power and degrade the combat capability of the Joint Force.”
The DoD alleged in the report that the PRC “poses a broad and pervasive cyberespionage threat,” surveilling individuals beyond its borders, stealing technology secrets, and undermining military-industrial complex capabilities. But the activity goes beyond run-of-the-mill intelligence-gathering, the agency warned.
“This malicious cyber activity informs the PRC’s preparations for war,” according to the report. “In the event of conflict, the PRC likely intends to launch destructive cyberattacks against the US Homeland in order to hinder military mobilization, sow chaos, and divert attention and resources. It will also likely seek to disrupt key networks which enable Joint Force power projection in combat.”
An Increasing Chinese Focus on Military Degradation
The idea that cyber activity could presage military action echoes assessments by Microsoft and others, made earlier this year around the Volt Typhoon attacks. The Beijing-supported advanced persistent threat (APT) made national headlines in the US in May, June, and July with a series of compromises that targeted telecom networks; power and water controls; US military bases at home and abroad; and other infrastructure whose disruption would hamper real-world military operations.
So far, those compromises have not affected the operational technology (OT) used by the victims, but speaking at Black Hat USA in August, CISA Director Jen Easterly warned that the Chinese government is likely getting itself into the position to conduct disruptive attacks on American pipelines, railroads, and other critical infrastructure if the US gets involved during a potential invasion of Taiwan.
“This APT moves laterally into environments, gaining access to areas in which it wouldn’t traditionally reside,” says Blake Benson, cyber lead at ABS Group Consulting. “Additionally, this threat actor worked hard to cover their tracks by meticulously dumping all extracted memory and artifacts, making it difficult for security teams to pinpoint the level of infiltration.”
To read the complete article, visit Dark Reading.
