FBI Director Warns Chinese Hackers Plan to Target Water Infrastructure

FBI Director Warns Chinese Hackers Plan to Target Water Infrastructure

Interested in Safety?

Get Safety articles, news and videos right in your inbox! Sign up now.

Safety + Get Alerts

In a recent statement, FBI Director Christopher Wray expressed serious concerns about the threat of Chinese hackers targeting American infrastructure, according to CNN.

During a House Select Committee hearing on the Chinese Communist Party, Wray emphasized that these hackers are strategically positioning themselves to potentially cause significant real-world damage in the U.S., including to vital systems like water treatment, electricity, and oil and gas pipelines.

This warning highlights the heightened level of alarm within the U.S. government regarding the capabilities of Chinese cyber attackers. Other top U.S. security officials, including the head of the National Security Agency, also testified about the risks posed by Chinese cyber activities.

Wray's warning comes on the heels of a spate of Iran-backed cyberattacks against water utilities toward the end of 2023. Those cyberattacks prompted the Cybersecurity & Infrastructure Security Agency — along with the FBI, National Security Agency, Environmental Protection Agency and the Israel National Cyber Directorate — to release a joint Cybersecurity Advisory in response to the active exploitation of Unitronics programmable logic controllers in multiple sectors, including U.S. water and wastewater facilities. 

Iranian Government Islamic Revolutionary Guard Corps-affiliated cyber actors using the persona “CyberAv3ngers” are actively targeting and compromising Israeli-made Unitronics Vision Series PLCs that are publicly exposed to the internet, through the use of default passwords, according to CISA. The PLCs may be rebranded and appear as different manufacturers and company names.

In addition, CISA, the FBI and the EPA recently published a guide to assist owners and operators in the water and wastewater systems sector with best practices for cyber incident response and information about federal roles, resources and responsibilities for each stage of the response lifecycle.

The guide was developed in collaboration with over 25 water/wastewater industry, nonprofit and state/local government partners, and covers the four stages of the incident response lifecycle. Click here to download the guide.

CISA and the EPA also collaborated to develop this toolkit to assist water and wastewater systems across the nation with their cybersecurity efforts.


Comments on this site are submitted by users and are not endorsed by nor do they reflect the views or opinions of COLE Publishing, Inc. Comments are moderated before being posted.