
U.S. Federal Bureau of Investigation Shuts Down Chinese Hackers Targeting U.S. Infrastructure

FBI Director Christopher Wray announced today that the FBI has shut down an attempt by Chinese-backed hackers to disrupt U.S. critical infrastructure, such as water treatment plants, oil and gas pipelines, and transportation systems. In a House committee hearing today, he described how the Chinese-backed hacker group code-named “Volt Typhoon” had targeted and successfully infiltrated hundreds of office and home-office routers, allowing the hackers to create a botnet of the affected routers and access data of the victims.

Instead of just making a blanket announcement cautioning potential victims, the FBI, under a court order, went into the affected routers and removed the KV Botnet malware from them. The move underscores that the FBI and other government agencies may take action to protect critical infrastructure, even if the operators of that infrastructure do not.

Many of the affected routers were “end of life” and no longer supported by their respective manufacturers. This emphasizes the need for businesses of all sizes (especially those involved in critical infrastructure) to keep both hardware and software of their network infrastructure up to date, and to replace devices that are end of life and no longer supported. 

A December 2023 court-authorized operation has disrupted a botnet of hundreds of U.S.-based small office/home office (SOHO) routers hijacked by People’s Republic of China (PRC) state-sponsored hackers. The hackers, known to the private sector as “Volt Typhoon,” used privately-owned SOHO routers infected with the “KV Botnet” malware to conceal the PRC origin of further hacking activities directed against U.S. and other foreign victims. These further hacking activities included a campaign targeting critical infrastructure organizations in the United States and elsewhere that was the subject of a May 2023 FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and foreign partner advisory

