Chinese hackers affiliated with the People’s Liberation Army (PLA) have targeted American infrastructure, including power and water utilities, communication systems, and transportation networks, according to U.S. officials and industry security experts. Over the past year, these hackers have infiltrated the computer systems of about two dozen critical entities, aiming to develop the ability to disrupt or cause chaos in the event of a U.S.-China conflict in the Pacific.

The victims of these cyber intrusions include a water utility in Hawaii, a major West Coast port, at least one oil and gas pipeline, and even the operator of Texas’s power grid. The Chinese military’s interest in these targets suggests that they want to complicate U.S. efforts to transport troops and equipment to the Pacific region in the event of a conflict over Taiwan.

While none of the intrusions had a significant impact on critical infrastructure, the Chinese hackers were able to breach the systems of these entities. Their tactics involved using innocuous devices like home or office routers to mask their tracks and steal employee credentials for future access. The hackers’ ultimate goal is to remain undetected within the infrastructure, gathering intelligence and preparing for potential cyber attacks in the future.

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has acknowledged the significance of these cyber intrusions. Brandon Wales, Executive Director of CISA, stated that “Chinese attempts to compromise critical infrastructure are in part to pre-position themselves to disrupt or destroy that critical infrastructure in the event of a conflict,” marking a shift from China’s previous cyber activities primarily focused on political and economic espionage.

This ongoing cyber campaign, known as Volt Typhoon, poses a significant threat to U.S. national security. Chinese military commanders had refused communication with their American counterparts for over a year, even as close-call intercepts by Chinese fighter jets of U.S. spy planes increased in the western Pacific. It was only recently that President Biden and Chinese President Xi Jinping agreed to restore communication channels.

As tensions between the United States and China escalate, it is vital for the U.S. government and critical infrastructure operators to enhance cybersecurity measures and protect against cyber threats. Vigilance, collaboration, and advanced security technologies are necessary to defend against ongoing and future intrusions by state-sponsored actors.