China ‘pre-positioning’ in U.S. networks for a potential conflict: Canadian agency
Global News
Annual unclassified cyber threat report reveals 20 instances when the Chinese government allegedly compromised Canadian government networks in recent years.
Beijing-linked hackers are “very likely” finding their way into U.S. critical infrastructure networks to “pre-position” for a potential conflict with America, according to Canada’s cyber intelligence agency.
The Communications Security Establishment (CSE) said the People’s Republic of China (PRC) is likely integrating cyber operations into its military planning “to gain an advantage … in the event of a major crisis or conflict with the U.S.” The “pre-positioning” refers to gaining access to networks in order to exploit them if the need arises.
Because of Canada’s connection to critical infrastructure networks in the U.S. — such as the transportation, energy and telecommunications sectors — CSE warned in their annual cyber threat report that the alleged compromises are a threat to Canada, too.
“According to U.S. officials, the PRC’s operation is designed to slow the U.S. military’s response and to sow societal panic” in the event of conflict, the report suggested.
“While the focus of future PRC cyber warfare operations will likely be concentrated on the U.S., disruptive or destructive cyber threat activity against integrated North American critical infrastructure … would likely affect Canada as well due to cross-border interoperability and interdependence.”
Allegations that hostile nations are “pre-positioning” themselves in Canadian or allied computer networks are not new, and CSE has spoken publicly about the threat in the past.
But the stark language in the report — that a Beijing-linked hacking group known as “Volt Typhoon” is “almost certainly” already trying to break into U.S. networks as preparation for a potentially significant conflict between the two world superpowers — is striking in itself.
“Volt Typhoon is especially noteworthy because the PRC has not historically conducted disruptive or destructive cyber operations against critical infrastructure,” the report noted.