Chinese Hackers May Control Your Water And Are Laying in Wait, FBI Warns — 3 Startups To Watch
Chinese state-sponsored hackers are orchestrating advanced attacks that could “wreak havoc” on critical U.S. infrastructure, Federal Bureau of Investigation (FBI) director Christopher Wray said.
“Everything from water-treatment facilities and energy grids to transportation and information technology — form the backbone of our society,” he told attendees at Thursday’s Summit on Modern Conflict in Nashville.
What happens if those things are attacked? Wray warned that such a scenario could occur at any time.
“China is positioning its enormous hacking enterprise — remember, 50 to 1 — for more than ‘just’ the outrageous theft campaign,” he added. “It's using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing.”
Wray called on private companies to bring “vigilance to the table” and play “a central defensive role to generate vital information about what adversaries are doing — or preparing to do — against us.”
3 OT Startups To Watch
According to Wedbush analyst Taz Koujalgi, Wray’s comments “are not alarmist at all.” They underscore the growing importance of OT (operational technology) specialists.
Three firms come to mind:
- Dragos Inc. is “one of the leading pioneers in the OT sector,” Koujalgi told Benzinga. The Hanover, Maryland-based company has, so far, collected about $440 million in venture capital.
- New York-based Claroty, which has raised over $635 million in funding to date, secured another $100 million in backing last month.
- And San Francisco-based Nozomi Networks also clinched $100 million in new funding last month, bringing its total to more than $260 million.
Most “security spend” happens today in the traditional IT infrastructure space, Koujalgi said. “But real infrastructure — your pipelines, electrical grids and water treatment plants — is fairly behind in investment and security spend.”
And sourcing capital in the OT sub-sector is especially tough considering venture support is down across the board.
Another challenge: These types of infrastructure attacks are “fairly new” and “fast-moving.”
New software is being written every day, and code from five years ago is in danger of being obsolete as bad actors routinely find holes in that software, Koujalgi explained.
Basically, “it’s hard to keep pace with the bad guys.”
Who Are The Bad Guys?
Recall that in 2023, security analysts at Microsoft Corp. (NASDAQ:MSFT) and Western intelligence agencies uncovered that a state-sponsored Chinese hacking group known as “Volt Typhoon” was spying on various U.S. critical infrastructure organizations.
China and the U.S. routinely spy on each other. But analysts say this incident was one of the most extensive Chinese cyber-espionage campaigns against American critical infrastructure.
China dismissed cyberattack allegations in March as “pure political maneuvering.”
Lin Jian of the Chinese Foreign Ministry urged the U.S. to end “their own cyber aggression against China.”
But, as Wray told it, Volt Typhoon has “persistent PRC access … They were hiding inside our networks, using tactics known as ‘living-off-the-land’ — essentially, exploiting built-in tools that already exist on victim networks to get their sinister job done, tools that network defenders expect to see in use and so don't raise suspicions — while they also operated botnets to further conceal their malicious activity and the fact that it was coming from China. All this, with the goal of giving the Chinese government the ability to wait for just the right moment to deal a devastating blow.”
And it’s not just China. There was also a group of hackers called DarkSide that, in 2021, was blamed for the cyberattack on Colonial Pipeline, which led to a complete shutdown.
That same year, a cyberattack on the heavily guarded Natanz plant in Iran took place. The disruption reportedly set back Tehran’s nuclear program by nine months. Neither the U.S. nor Israel acknowledged involvement in what was believed to be a sabotage campaign.
ETFs To Consider
Here are five cybersecurity exchange-traded funds (ETFs) to note:
- Amplify ETF Trust Amplify Cybersecurity ETF (NYSE:HACK)
- First Trust NASDAQ Cybersecurity ETF (NASDAQ:CIBR)
- iShares Cybersecurity and Tech ETF (NYSE:IHAK)
- WisdomTree Cybersecurity Fund (NASDAQ:WCBR)
- Global X Cybersecurity ETF (NASDAQ:BUG)