Chinese hackers have been hiding in US critical infrastructure for at least the last five years, CNN reported on Wednesday. By lurking behind the scenes of transportation, water, electricity and other important systems, the hackers have the opportunity to strike whenever they deem the time is right, US officials say in a 50-page report on the subject. A public version of the full document is set to be released next week.
Officials from the FBI and the Justice Department previously issued a court order to update software that could succumb to Chinese hacking. The effort aimed to fight Chinese hacking by remotely disabling certain affected systems. According to the department, it was able to remove code from hundreds of internet routers that could have let Chinese hackers in.
The forthcoming report reveals just how long this has been going on, and how bad a potential cyberattack could be. It’s set to detail hackers’ techniques, while providing guidance to companies behind critical infrastructure systems on how to find Chinese hackers in their systems. There are no signs in the report that hackers have acted maliciously against US infrastructure yet.
Hackers started by getting into IT systems and, from there, working their way into more important tech behind US infrastructure. They also broke into security cameras at some of the facilities and, in another case, accessed water treatment plants, the report says.
Last week, FBI director Christopher Wray warned Congress that Chinese hackers were preparing to wreck havoc on US critical infrastructure systems. “Cyber threats to our critical infrastructure represent real world threats to our physical safety,” he said at the hearing.