In a nutshell: An FBI official has warned of a rise in state-sponsored cyberattacks targeting American critical infrastructure, with China emerging as the most persistent and active threat. This concern follows high-profile breaches linked to Beijing-backed groups, who have infiltrated sectors like telecommunications, energy, and water, often remaining undetected for long periods.
In an interview with The Register, FBI Deputy Assistant Director Cynthia Kaiser explained how Chinese state-backed cyber groups use artificial intelligence at every stage of their attack operations. While she acknowledged that these efforts don't always lead to success, AI enhances the speed and efficiency of their operations. These digital intruders operate with increasing sophistication and stealth, infiltrating critical sectors such as government, telecommunications, energy, and water, often remaining undetected for extended periods.
Recent incidents highlight the scale and persistence of the threat. For instance, the Volt Typhoon group compromised hundreds of outdated routers to create a botnet to infiltrate US infrastructure and set the stage for destructive cyberattacks. Meanwhile, Salt Typhoon breached at least nine US telecommunications companies and government networks last year, and more recently targeted over a thousand internet-facing Cisco devices.
Kaiser noted that these groups often gain access through basic methods, frequently targeting outdated or unsupported devices. She added that attackers typically exploit unpatched vulnerabilities to slip into systems and tend to operate stealthily once inside. Federal agents who responded to Volt Typhoon intrusions observed how adeptly the attackers moved within internal systems, transitioning from business networks to operational technology.
"That's what we saw with Salt Typhoon as well: being able to move laterally and navigate, taking their time to get the access they want," Kaiser said. "For us, it's really been business as usual."
Despite changes in government and reductions in federal resources, Kaiser maintained that the FBI's approach has not shifted. The agency continues to respond to nation-state actors and financially motivated cybercriminals, who increasingly leverage AI to enhance the speed and scale of their attacks.
The FBI closely tracks how artificial intelligence is woven into cyber operations, analyzing which countries are adopting it and how frequently it appears across different stages of the attack process. According to Kaiser, China and cybercriminal groups have shown the broadest use of AI-driven tactics.
Cybercriminals now use artificial intelligence to automate tasks such as creating fake business profiles and crafting more convincing spear-phishing messages with large language models. However, Kaiser stressed that attackers remain in the exploratory phase and have not adopted AI for fully automated, end-to-end attacks. In many cases, they use the technology to enhance specific parts of a campaign rather than to build advanced tools like polymorphic malware.
The practical impact of AI in cyberattacks is already evident. Once attackers infiltrate a network, AI helps them map it more effectively and identify their next moves. Kaiser also emphasized the importance of strong defenses, stating that companies must block unauthorized access first and restrict attackers' movement within the network.
In addition to digital intrusions, AI is enabling new forms of fraud. Kaiser highlighted how deepfake technology allows attackers to deceive employees. For example, an attacker might impersonate a CEO in a familiar messaging app or other trusted setting and ask for a wire transfer or an urgent online meeting. Kaiser emphasized that many people, herself included, might comply without questioning the authenticity of the request. Criminals are exploiting these tactics to defraud businesses of millions.
Kaiser also stressed the importance of multi-factor authentication, not only for digital systems but also through low-tech methods.
"Old-school MFA is having a secret word," Kaiser said.