Chinese military-affiliated hackers have intensified their efforts to infiltrate critical American infrastructure, including power and water utilities, as well as communication and transportation systems. These cyber intrusions aim to disrupt and cause chaos in the event of a U.S.-China conflict in the Pacific. Multiple sources have confirmed that hackers associated with China’s People’s Liberation Army have successfully breached the computer systems of approximately 24 crucial entities within the past year.

While the specific targets have not been disclosed, sources indicate that a water utility in Hawaii, a major West Coast port, and at least one oil and gas pipeline have fallen victim to these cyberattacks. Furthermore, there have been attempted breaches on the operator of Texas’s independent power grid. Notably, the Chinese military’s interest in Hawaii, home to the Pacific Fleet, suggests a desire to complicate U.S. efforts to deploy troops and equipment to the Pacific region in the event of a conflict over Taiwan.

It is important to note that none of the intrusions have directly affected the industrial control systems responsible for critical functions or caused disruptions, according to U.S. officials. However, the growing attention to these infrastructure targets indicates a significant shift in Chinese cyber activities. Rather than focusing solely on political and economic espionage, Chinese hackers now prioritize the ability to disrupt or destroy critical infrastructure, affecting the U.S.’s decision-making capabilities during a crisis.

Code-named “Volt Typhoon,” this cyber campaign was first detected by U.S. authorities approximately a year ago. The recent disclosure of additional details surrounding the operation shed light on China’s escalating cyber capabilities. Officials reveal that the hackers employ various methods to mask their tracks, often utilizing innocuous devices such as home or office routers to infiltrate their targets. Their primary objective is to steal employee credentials for future access, while additional entry methods remain undisclosed.

These cyberattacks serve as a pre-positioning strategy, enabling the Chinese military to establish tunnels within U.S. infrastructure undetected. Subsequent reconnaissance operations can determine the feasibility of penetrating industrial control systems or targeting more critical companies or infrastructure. When the order is given, the hackers can swiftly transition from reconnaissance to attack mode.

The potential consequences of these cyber intrusions on U.S. critical infrastructure are deeply concerning. A conflict with China could prompt aggressive cyber operations against American infrastructure and military assets worldwide. The Office of the Director of National Intelligence warns that China possesses the capability to launch cyberattacks capable of disrupting various elements of infrastructure, including oil and gas pipelines and rail systems.

While some targeted entities were smaller companies across multiple sectors, the attackers’ motivations appear opportunistic. The goal may be to gain access to less critical supply chains as a stepping stone toward infiltrating larger, more important targets.

Internally, Chinese military officers have discussed the potential use of cyber tools or “network warfare” in conflicts. Strategies involving synchronized air and missile strikes alongside disruptions to command-and-control networks, critical infrastructure, satellite networks, and military logistics systems have been mentioned. Though not explicitly stated, these tactics are believed to be relevant to a hypothetical Taiwan scenario.

