FBI official: Chinese hackers boost recon efforts
SAN FRANCISCO — Chinese hackers have stepped up their probes against the U.S. tech sector since Russia’s invasion of Ukraine, an FBI official said on Thursday.
“We've actually seen — here in the San Francisco area — an uptick in reconnaissance from Chinese advanced persistent threat actors, specifically,” Elvis Chan, an assistant special agent in charge at the bureau’s San Francisco field office, said during a panel discussion at the RSA conference. He did not name any specific groups.
Chan, who manages the field office’s cyber branch, said Chinese hackers have increased their scans, in part, because they “want to see” how the U.S. and its private sector react to Moscow’s unprovoked assault on Ukraine.
“They’re still looking to steal as much intellectual property as they can,” he added, a nod to the longtime issue of the digital plundering by the Chinese that has been estimated to cost the U.S. billions of dollars annually.
He noted China’s COVID-19 vaccines “are nowhere near as good” as the ones produced by the U.S. and other Western nations, before adding that the perpetrators are “looking to steal proprietary information from our entire tech sector.”
The insight comes two days after the FBI — along with the NSA and the Cybersecurity and Infrastructure Security Agency (CISA) — issued an advisory that provided fresh details about how Chinese hackers have targeted, and compromised, major telecommunications companies and internet service providers by exploiting publicly known vulnerabilities.
Chan said that while top federal cyber officials are focused on the ongoing military conflict in Europe, “the Chinese government, the Iranian government, the North Korean government, none of them are sleeping” or halting their own malicious digital activities.
Martin Matishak is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.