U.S. Accuses Chinese Hackers of Targeting Critical Infrastructure in America
The United States imposed sanctions on Monday on Chinese hackers and accused them of working as a front for Beijing’s top spy agency, part of a broad effort to place malware in American electric grids, water systems and other critical infrastructure.
The sanctions were a major escalation of what has become an increasingly heated contest between the Biden administration and Beijing.
While there have been no cases so far in which the Chinese government has turned off essential services, American intelligence agencies have warned in recent months that the malware appeared to be intended for use if the United States were coming to the aid of Taiwan.
By turning off critical services to military bases, and to civilian populations, China would attempt, according to a series of intelligence findings, to turn Americans inward — worrying about their own supplies of electricity, food and water rather than coming to the aid of a distant island that Beijing claims as its own.
The sanctions were part of a joint effort between the United States and the United Kingdom to crack down on Chinese hacking into vital services. In announcing the new measures, the Treasury Department described malicious state-sponsored cyberactors as “one of the greatest and most persistent threats to U.S. national security.”
The Treasury Department added Wuhan Xiaoruizhi Science and Technology Company to its sanctions list and described it as a “front company” for China’s ministry of state security. The ministry has emerged as Beijing’s largest hacking operation, after a major investment by the Chinese government, according to American intelligence agencies.
The ministry — under the direct control of the Chinese leadership — is taking over for the People’s Liberation Army, which directed most of the espionage attacks on American companies, intended to steal corporate secrets or defense designs.
But China’s strategy has now evolved, and its first goal appears to be finding a way to deter, or at least slow, a military effort by Washington to aid Taiwan if Mr. Xi decided to try to take the island.
“The United States is focused on both disrupting the dangerous and irresponsible actions of malicious cyberactors as well as protecting our citizens and our critical infrastructure,” said Brian E. Nelson, the Treasury Department’s under secretary for terrorism and financial intelligence. Treasury also imposed sanctions on two Chinese nationals for their roles in cyberattacks.
While President Biden has never mentioned the threat in public, his aides have been intensely focused on an operation called “Volt Typhoon” that stretches back many years — but has intensified since early last year. Over the past few months, the United States has been intensively working with American business that are crucial to American infrastructure, and even issued a detailed warning last week on how to detect Chinese intrusions into critical systems.
But the announcement on Monday went far beyond electric grids and water systems. It pointed to a defense contractor that manufactures flight simulators for the U.S. military, a Tennessee-based aerospace and defense contractor and an Alabama-based aerospace and defense research corporation.
The sanctions on China come as the Biden administration has been trying to stabilize relations with Beijing, seeking areas of cooperation on combating the flow of fentanyl and fighting climate change. That effort began with President Biden’s meeting with President Xi Jinping in California late last year, in which he warned Mr. Xi about the intrusions into American infrastructure. Chinese officials have denied they were involved.
Still, the administration is attempting to mix heightened pressure with continuing dialogue. Treasury Secretary Janet L. Yellen is expected to make her second trip to China in the coming months.