Although FBI officials are not always the most credible sources on subjects supposedly within their area of expertise, FBI director Christopher Wray’s assertion about the scope of China’s state-sponsored hacking efforts is all too plausible (Reuters, September 18, 2023):
U.S. officials have been sounding the alarm about Chinese hackers for years. But even after decades of handwringing over the theft of American secrets, Wray’s comments were unusually stark.
“China already has a bigger hacking program than every other major nation combined,” Wray said. “If each one of the FBI’s cyber agents and intelligence analysts focused on China exclusively, Chinese hackers would still outnumber our cyber personnel by at least 50 to 1.”
Among the recent incursions that have been traced to China are hacks into the email accounts of various U.S. agency officials, including Gina Raimondo, secretary of the Commerce Department, and various State Department officials.
The U.S. Cybersecurity & Infrastructure Security Agency recommends that organizations take the following actions, among others, to guard against cyber-adversaries:
Establish a security baseline of normal host behavior and user activity to detect anomalous activity on endpoints.
Isolate privileged administrator actions and locations to a manageable subset of locations, where effective baselines of “where” and “who” can be established.
Prioritize logging (e.g., command-line interface) and close and/or monitor high-risk ports (e.g., Remote Desktop Protocol, Server Message Block, File Transfer Protocol, Trivial File Transfer Protocol, Secure Shell, and Web Distributed Authoring and Versioning).
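A minimal sketch of how the three recommendations above fit together, added here as an illustration and not taken from CISA or the original post: it learns a baseline of which admin accounts act from which hosts and which flows normally use the high-risk ports, then flags deviations. All account names, host names and events are constructed, and the function names are hypothetical.

```python
# Added example: hypothetical names, constructed events.
# Well-known ports for the protocols listed above. WebDAV runs over HTTP(S),
# so it cannot be singled out by port number and is omitted here.
HIGH_RISK_PORTS = {21: "FTP", 22: "SSH", 69: "TFTP", 445: "SMB", 3389: "RDP"}

# Constructed events: (user, source_host, dest_host, dest_port, privileged)
BASELINE_EVENTS = [
    ("adm-lee", "jump01", "dc01", 3389, True),
    ("adm-lee", "jump01", "fs01", 445, True),
    ("adm-kim", "jump02", "dc01", 22, True),
    ("jdoe", "ws114", "fs01", 445, False),
]
NEW_EVENTS = [
    ("adm-lee", "jump01", "dc01", 3389, True),   # matches the baseline
    ("adm-lee", "ws207", "dc01", 3389, True),    # known admin, new "where"
    ("svc-backup", "jump01", "dc01", 22, True),  # new "who" doing admin work
    ("jdoe", "ws114", "ws207", 69, False),       # unseen flow on a high-risk port
    ("jdoe", "ws114", "fs01", 445, False),       # matches the baseline
]

def build_baseline(events):
    """Learn normal admin (who, where) pairs and normal high-risk-port flows."""
    admin_pairs, port_flows = set(), set()
    for user, src, dst, port, privileged in events:
        if privileged:
            admin_pairs.add((user, src))
        if port in HIGH_RISK_PORTS:
            port_flows.add((src, dst, port))
    return admin_pairs, port_flows

def find_anomalies(events, baseline):
    """Return (event, reason) for each deviation from the baseline."""
    admin_pairs, port_flows = baseline
    known_admins = {user for user, _ in admin_pairs}
    alerts = []
    for event in events:
        user, src, dst, port, privileged = event
        if privileged and (user, src) not in admin_pairs:
            reason = ("admin action from unbaselined host"
                      if user in known_admins else "unbaselined admin account")
            alerts.append((event, reason))
        if port in HIGH_RISK_PORTS and (src, dst, port) not in port_flows:
            alerts.append((event, f"new {HIGH_RISK_PORTS[port]} flow"))
    return alerts

if __name__ == "__main__":
    for event, reason in find_anomalies(NEW_EVENTS, build_baseline(BASELINE_EVENTS)):
        print(f"{reason}: {event}")
```

The smaller the set of hosts that admins are allowed to work from, the smaller `admin_pairs` stays and the fewer benign deviations have to be triaged.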
The pool of potential cyber-talent in China is large. Its current population is about 1.4 billion.