Senator Vance Warns of Threat Posed by China-Backed Volt Typhoon Hackers

“The impact from a full-scale Volt Typhoon attack on U.S. critical infrastructure would be devastating and could

result in our nation being thrown into disarray at the exact time it is under military attack from foreign adversaries.”

WASHINGTON, D.C. – Senator JD Vance (R-OH) sent a letter to Cybersecurity & Infrastructure Security Agency (CISA) Director Jen Easterly detailing past attacks on American technology infrastructure by a Chinese-backed hacking group. Senator Vance also expressed his concerns that the group poses a critical national security threat.

The hacking group, Volt Typhoon, has compromised hundreds of thousands of devices, and experts believe it has targeted critical American infrastructure in order to exploit future instances of increased geopolitical tensions. Such a scenario would be devastating to American infrastructure, the energy grid, military facilities, and supply chains.

The letter reads, in part: 

I write to express my concern that U.S. critical infrastructure appears to be under attack from the PRC state-sponsored hacker group known as Volt Typhoon. The impact from a full-scale Volt Typhoon attack on U.S. critical infrastructure would be devastating and could result in our nation being thrown into disarray at the exact time it is under military attack from foreign adversaries. The consequences of a Volt Typhoon attack would presumably include a threat to the U.S. military by disrupting power and water to our military facilities and critical supply chains.

According to reports, Volt Typhoon has compromised hundreds of thousands of devices since it was publicly identified by Microsoft in May 2023. Indeed, experts believe the group has targeted U.S. critical infrastructure since mid-2021 using malicious software that penetrates internet- connected systems. On January 31, 2024, the FBI reported that it had disrupted some of Volt Typhoon’s operations by removing the group’s malware from some small office routers. However, on February 7, 2024, CISA, the FBI, and other U.S. agencies along with the Five Eyes partners released a major advisory in which they warned that Volt Typhoon was pre-positioning on critical infrastructure networks to “enable disruption or destruction of critical services in the event of increased geopolitical tensions.” According to the agencies, “this is a critical business risk for every organization in the United States and allied countries.” On March 19, 2024, CISA along with other agencies released a fact sheet advising critical infrastructure executive leaders “on the urgent risk posed” by Volt Typhoon and how to mitigate the threat of attack to the Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors.

Following Secretary of State Blinken’s April visit to China, Ambassador Fick stated that Secretary Blinken was “very clear that holding American critical infrastructure at risk — especially civilian critical infrastructure — is dangerous. It’s escalatory. It’s unacceptable.” Ambassador Fick added that the U.S. delegation spoke with the Chinese officials “about Volt Typhoon directly.” According to press reports, President Joe Biden also addressed Volt Typhoon in meetings with Chinese President Xi Jinping.

The full text of Senator Vance’s letter can be viewed here.