In a concerning turn of events, suspected Chinese malware has been discovered in various US military systems. Unlike previous cyberattacks, which primarily aimed at surveillance, the intent behind this malware appears to be disruption of operations. This shift in intent has been described as 'disturbing' by experts.
The malware first caught public attention in May when Microsoft identified malicious code in telecommunications software in Guam, where the US houses the Andersen Air Force Base. US officials have stated that investigations into this Chinese malware had been ongoing for several months. The malicious code has infiltrated US military systems not only across the country but also abroad.
According to Deputy Director of the National Security Agency (NSA), George Barnes, China is steadfast and determined to penetrate our governments, our companies, and our critical infrastructure. This new wave of malicious code could potentially disrupt both US military and civilian operations.
Rob Joyce, the director of cybersecurity at the NSA, referred to the nature of this malware as 'really disturbing.' This malware could enable China to cut off power, water, and communications to military bases, and it could also impact personal homes and businesses across the country.
Yet, it remains unclear whether the Chinese government is aware of this malware or how effective the software would actually be. The issue of Chinese hacking was raised by US Secretary of State Antony Blinken during a meeting with Chinese diplomats.
This new wave of cyberattacks is a marked change from previous ones. Typically, many cyberattacks are discovered when experts track information being extracted out of a network, or unauthorized accesses are made. However, this malware can lay dormant for long periods, making it difficult to detect.
The sophistication of these recent Chinese penetrations has been enormous. They have limited the communication of the implanted software with Beijing, making them difficult to discover. According to George Barnes, China has become more sophisticated at penetrating government and private sector networks. They have found ways to steal or mimic the credentials of system administrators, which allows them to implant their own code.
This alarming discovery underlines the importance of robust cybersecurity measures and continuous vigilance in the face of evolving cyber threats. It is essential for the US to take appropriate action to hold those responsible accountable and to protect its critical infrastructure from future cyberattacks.