Exclusive — Sen. J.D. Vance: America ‘Under Attack’ from Chinese ‘State-Sponsored’ Hackers

Sen. J.D. Vance (R-OH) on Friday sent a letter to a cybersecurity agency concerning vulnerabilities in critical American infrastructure and how the agency is responding to the Chinese state-sponsored hacking group Volt Typhoon.

Vance wrote his letter, which Breitbart News obtained, to Cybersecurity & Infrastructure Security Agency (CISA) Director Jen Easterly about how critical American infrastructure is “under attack” from the Chinese government “state-sponsored hacker group known as Volt Typhoon.” The Ohio senator said that the consequences of a Volt Typhoon attack on American infrastructure could be immense:

The impact from a full-scale Volt Typhoon attack on U.S. critical infrastructure would be devastating and could result in our nation being thrown into disarray at the exact time it is under military attack from foreign adversaries. The consequences of a Volt Typhoon attack would presumably include a threat to the U.S. military by disrupting power and water to our military facilities and critical supply chains.

Vance noted that Volt Typhoon has “compromised hundreds of thousands of devices since it was first publicly identified by Microsoft in May 2023.” In June 2023, the National Security Agency (NSA), CISA, FBI, and other international cybersecurity agencies issued a Cybersecurity Advisory (CSA) about Volt Typhoon’s capacity to attack critical infrastructure. In March 2024, CISA issued an advisory on best practices to harden its systems against Volt Typhoon.

Rob Ames, a staff threat researcher at SecurityScorecard, explained that Volt Typhoon typically relies more on “hands-on keyboard techniques” than on the malware-driven activity such groups have traditionally relied on.

“Critical infrastructure” sectors are particularly vulnerable to Volt Typhoon hacking. These sectors, which include communications systems, energy production, and government facilities, are “considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”

Vance wrote about the threat that is Volt Typhoon:

Indeed, experts believe the group has targeted U.S. critical infrastructure since mid-2021 using malicious software that penetrates internet-connected systems. On January 31, 2024, the FBI reported that it had disrupted some of Volt Typhoon’s operations by removing the group’s malware from some small office routers.

However, on February 7, 2024, CISA, the FBI, and other U.S. agencies along with the Five Eyes partners released a major advisory in which they warned that Volt Typhoon was pre-positioning on critical infrastructure networks to “enable disruption or destruction of critical services in the event of increased geopolitical tensions.”

To better understand the risk that is Volt Typhoon, Vance asked that Easterly provide answers to these questions:

1. What is CISA’s understanding of how Volt Typhoon became embedded in U.S. critical infrastructure?
2. What prompted CISA to go public earlier this year warning of the urgent risk posed by Volt Typhoon?
3. How many U.S. public or private critical infrastructure entities in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems sectors are impacted by Volt Typhoon?
4. Are there other critical infrastructure sectors impacted by Volt Typhoon? If so, which sectors (beyond those named in response to question 3)?
5. According to reports, CISA has worked with sector risk management agencies to do outreach to each sector regarding Volt Typhoon. Which agencies specifically?
6. Which Information Sharing and Analysis Centers (ISACs) are aware of Volt Typhoon?
7. How many individual network devices in the U.S. are impacted or potentially impacted by Volt Typhoon?
8. What strategies have CISA and/or sector risk management agencies named in response to question 5 designed and/or implemented to mitigate the threat from Volt Typhoon?
9. How many calls to CISA’s 24/7 Operations Center regarding Volt Typhoon has the agency received since January 1, 2023?

American officials’ concerns became so immense that Nathaniel Fick, the State Department’s ambassador-at-large for cyberspace and digital policy, said in May that American and Chinese officials discussed the Volt Typhoon espionage campaign that targeted American critical infrastructure.

Fick said that Secretary of State Antony Blinken told Chinese officials that he was “very clear that holding American critical infrastructure at risk — especially civilian critical infrastructure — is dangerous. It’s escalatory. It’s unacceptable.”

Sean Moran is a policy reporter for Breitbart News. Follow him on Twitter @SeanMoran3.

Authored by Sean Moran via Breitbart May 10th 2024