FBI Director Warns of China Hacker Threat

Chinese government hacking efforts now target the entire American populace, and the escalating urgency of the overall threat that China poses to U.S. national security requires more investment in the FBI’s capabilities, FBI Director Wray warned lawmakers during a January 31 appearance before the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party.

“I do not want those watching today to think we can’t protect ourselves,” he told legislators. “But I do want the American people to know that we cannot afford to sleep on this danger.”

Wray said that Chinese hackers outnumber FBI cybersecurity agents by a ratio of 50:1.

China’s quest to steal American intellectual property to gain an economic and militaristic edge over the United States—through nefarious cyber means and traditional espionage, alike—hasn’t let up. But the scope of its malicious cyber activities has expanded to target our nation’s critical infrastructure, Wray told lawmakers during the hearing, which looked to gauge the risks that CCP cyber efforts poses to U.S. national security.

“There has been far too little public focus on the fact that PRC [People’s Republic of China] hackers are targeting our critical infrastructure—our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems,” Wray told the committee during his opening remarks. “And the risk that poses to every American requires our attention now.”

China’s state-sponsored hackers are posturing themselves to be able to take down these vital resources at a moment’s notice. That way, if conflict breaks out between the U.S. and China, they can cripple those resources and do direct harm to U.S. citizens, Wray explained. “Low blows against civilians are part of China’s plan,” he said.

And, Wray stressed, this threat isn’t theoretical. On January 31, it was announced that the Bureau had worked with partners to identify Wi-Fi routers that had been infected with malware originating from a Chinese government-sponsored hacking group.

“The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors—steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,” Wray said. “So working with our partners, the FBI ran a court-authorized, on-network operation to shut down Volt Typhoon and the access it enabled.”

This disruption was significant, but it’s not the end of the story when it comes to countering malicious cyber efforts by the Chinese government.

The FBI is leveraging its expertise in the areas of cybersecurity, criminal investigation, and weapons of mass destruction, as well as private and public sector partnerships and relationships with international allies to tackle this multifaceted threat, he said. And investment is central to sustaining our battle rhythm against this threat.

The President’s Fiscal Year 2024 Budget Request would help the FBI bolster its 56 field offices’ ability to investigate cyber threats, Wray’s written testimony to the committee stated.

“The Fiscal Year 2024 Budget Request includes an additional $63 million for more agents, enhanced response capabilities, and strengthened intelligence collection and analysis capabilities,” he wrote. “These investments reflect the National Cybersecurity Strategy’s emphasis on a whole-of-nation approach to addressing the ongoing cyber threat.”
Cuts to the Bureau’s budget would hinder the FBI computer intrusion program’s ability to combat CCP threats to U.S. economic and national security “before they can do significant harm,” the written testimony noted.

“The budgets that emerge from the discussions underway now will dictate what kind of resources we have ready in 2027—a year that, as this committee knows all too well, the CCP has circled on its calendar,” Wray told the committee.

Wray testified beside witnesses from across the U.S. government’s highest levels of cyber leadership at the hearing about CCP threats to American cybersecurity. Fellow panelists included National Security Agency Director Gen. Paul M. Nakasone (who appeared in his capacity as commander of U.S. Cyber Command); Cybersecurity and Infrastructure Security Agency Director Jen Easterly; and Harry Coker, Jr., who leads the Office of the National Cyber Director.

“The Select Committee on the Chinese Communist Party is committed to working on a bipartisan basis to build consensus on the threat posed by the Chinese Communist Party and develop a plan of action to defend the American people, our economy, and our values,” the committee’s website states.

You can read Director Wray’s full written testimony here, and you can read his opening remarks, as prepared, here.