China Had Persistent Access to US, Allied Networks for Years: White House Official

National Security Council official Israel Soong said the Chinese regime was able to ‘persistently and aggressively maintain this cyber access for years on end.’
China Had Persistent Access to US, Allied Networks for Years: White House Official
An unnamed Chinese hacker uses a computer at an office in Dongguan, in Guangdong Province, China, on Aug. 4, 2020. Nicolas Asfouri/AFP via Getty Images
Andrew Thornebrooke
Updated:
0:00

Hackers in communist China maintained persistent access to U.S. and allied systems for multiple years, a Biden administration official has said.

The cyber campaign appears to be part of a wider effort by the Chinese Communist Party (CCP) to prepare attacks on critical infrastructure, according to Israel Soong, director for East Asia and Pacific cyber policy at the National Security Council.

In the event of a conflict, China intended to use its cyber access to “cripple” critical systems, including power grids and communications platforms, Mr. Soong said during a July 16 speech at the Hudson Institute, a conservative think tank.

Mr. Soong’s comments appeared to reference a malicious cyber campaign that was acknowledged by the Cybersecurity and Infrastructure Security Agency (CISA) in February. A CISA statement at the time said that CCP-backed hackers were “seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure.”

Intelligence leaders told Congress in February that the intrusion was detected in December 2023 and malware was removed from 600 government systems; however, the threat persisted in many infrastructure systems that are run by private companies.

Mr. Soong said many didn’t know that similar efforts had targeted numerous nations around the globe.

“What is public but is less well known is that the PRC has been doing the same propositioning to many other countries around the globe, including some who are our allies,” Mr. Soong said, using the acronym for the People’s Republic of China.

The Chinese regime could “persistently and aggressively maintain this cyber access for years on end,” he said.

The CCP invested heavily in cyber capabilities because it had developed a national strategy to “actively and intentionally dominate these areas in a strategic way,” Mr. Soong said.

“Beijing sees cyber and emerging technology as critical to the strategy to reshape the United States-led international order to be more favorable to the priorities of the Chinese Communist Party,” he said.

While CCP efforts to prepare for the sabotage of critical infrastructure are alarming, they are unlikely to be leveraged absent a major conflict between China and the United States, Mr. Soong said. That’s because an attack on U.S. infrastructure that results in American casualties would be considered an outright attack, he said.

The comments follow several reports earlier this year by Dutch intelligence agencies, which found that state-backed hackers in China had compromised more than 20,000 systems across dozens of Western governments, international organizations, and a large number of companies within the defense industry.

That campaign, dubbed COATHANGER, allowed China-based hackers to achieve “permanent access” to vital systems, according to a Dutch statement. Moreover, Dutch intelligence last month confirmed that “it is likely that the state actor still has access to systems of a significant number of victims at the moment.”

Thus, the hackers continue to maintain their illicit access to key government agencies in the West.

It’s currently unclear if COATHANGER was designed purely for espionage purposes or as part of the broader CCP effort to prepare critical systems in foreign nations for sabotage.

Speaking to Congress in May, Director of National Intelligence Avril Haines said that most China-based cyberattacks against the United States target health care and industrial control systems, as well as defense, energy, transportation, and food and water supplies.

U.S. and allied governments have faced difficulties effectively countering the Chinese regime’s massive cybercrime apparatus, partly because of a much smaller pool of leverageable cybersecurity professionals.

FBI Director Christopher Wray testified in April that the CCP was “sparing no expense in its attempt to hack, lie, cheat, and steal its way to the top as a global superpower.”

Chinese state-backed hackers “outnumber FBI cyber personnel at least 50 to 1,” he said.
Andrew Thornebrooke
Andrew Thornebrooke
National Security Correspondent
Andrew Thornebrooke is a national security correspondent for The Epoch Times covering China-related issues with a focus on defense, military affairs, and national security. He holds a master's in military history from Norwich University.
twitter