“The warnings we’ve heard from the intelligence community for years have now become reality”

WASHINGTON, D.C. ­­­­­–– Today, House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino (R-NY) released the following statement on Chinese state-sponsored actors maintaining persistent access to U.S. critical infrastructure for disruptive or destructive cyberattacks in the event of a major conflict with the United States. These threats were detailed in a Joint Cybersecurity Advisory today by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), several Sector Risk Management Agencies, and international partner agencies:

“The warnings we’ve heard from the intelligence community for years have now become reality—actors from the People’s Republic of China (PRC) have successfully infiltrated the networks of U.S. critical infrastructure. This is not just a warning light—the adversarial cyber threat is here now. 

“In May 2023, a Joint Cybersecurity Advisory attributed malicious activity called Living off the Land to Volt Typhoon, a PRC state-sponsored cyber actor. At the time, I called on critical infrastructure owners and operators to implement the recommended mitigations and I also called on Congress to continue to equip CISA to support these owners and operators to defend their networks. 

“With today’s advisory, we now know that this activity is part of a vast campaign in which Volt Typhoon actors have successfully infiltrated the networks of the communications, energy, transportation systems, and water and wastewater systems sectors. We also know that Volt Typhoon actors are accessing information technology (IT) networks with the intent of disrupting operational technology (OT). Read that again—the PRC is accessing IT systems like the personal emails of key staff with the intention of moving laterally to OT assets to disrupt the physical functions of industrial control systems like critical energy and water controls.

“Just yesterday my Subcommittee held a hearing evaluating what’s needed to secure OT assets across sectors. We learned that smaller organizations often have limited cybersecurity capabilities and yet these organizations also often provide vital services to larger organizations and/or key geographic regions. These smaller organizations are on the front lines defending our domestic infrastructure—we must do more to support them.

“I continue to urge critical infrastructure owners and operators, especially in the specified sectors, to lean on CISA and the SRMAs for support, and I urge CISA to prioritize the security and resilience of these sectors. I will continue to empower and equip CISA to provide this support and I urge my colleagues across both Chambers to do the same.”

###