FBI warns Chinese hackers’ malware prepositioning efforts at a ‘fever pitch’
Federal Bureau of Investigation Director Christopher Wray put the spotlight on the threat posed by Chinese state-backed hackers during a security summit held over the weekend.
Speaking at the Munich Security Conference on Sunday, Wray said that such hacking groups’ malware prepositioning operations against critical infrastructure have reached a “fever pitch.” Prepositioning is a term for a situation where hackers embed malware into a network with the goal of carrying out cyberattacks in the future. Wray said that the U.S. has been tracking Chinese prepositioning operations for over a decade.
In his remarks, Wray drew attention to a Chinese state-backed hacking group tracked as Volt Typhoon by researchers. The group’s activities were first publicly detailed by Microsoft Corp. last March. According to the tech giant, the hackers carried out cyberattacks against critical infrastructure organizations in Guam and other parts of the U.S.
Microsoft determined that one of Volt Typhoon’s goals was “pursuing development of capabilities” that could disrupt communications between the U.S. and Asia in the event of a crisis. According to the company, the hacking group mostly used so-called living-off-the-land tactics to carry out cyberattacks. In a living-off-the-land campaign, hackers attempt to compromise an organization’s systems using the existing, legitimate software installed on those systems.
Last month, the Justice Department and the FBI announced that they had disrupted a botnet Volt Typhoon used to support its activities. The botnet comprised several hundred breached SOHO, or small office and home office, routers located in the U.S. The hackers used the compromised devices to try to mask the malicious traffic generated by their cyberattacks.
During his Sunday remarks at the Munich Security Conference, Wray said that Volt Typhoon represents only the tip of the iceberg. He added that the FBI and its partners are actively working to disrupt such hacking groups.
“We’re laser focused on this as a real threat and we’re working with a lot of partners to try to identify it, anticipate it and disrupt it,” Wray said. “I’m sober and clear minded about what we’re up against…. We’re always going to have to be kind of on the balls of our feet.”
Wray and his counterparts in the U.K., Canada, Australia and New Zealand held a meeting last year to “focus the spotlight on Chinese espionage,” the Financial Times reported on Sunday. Wray said that there is broader awareness of the issue than a few years ago among security agencies, as well as in the private sector and academia. The same is true across the pond, where Wray said European countries are investing more resources in countering Chinese espionage.
“I can’t think of a single one where they’re not more engaged on it than they were,” Wray said. “There’s still differences but even now they’ve all moved in the same direction.”