He added that the operation was part of Beijing’s strategy to “find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous”.

“The PRC cyber threat is made vastly more dangerous by the way they knit cyber into a whole-of-government campaign against us,” Wray told members of the House Select Committee on the Chinese Communist Party.

“They recruit human sources to target our businesses using insiders to steal the same kinds of innovation and data that their hackers are targeting, while also engaging in corporate deception, hiding Beijing’s hand in transactions, joint ventures and investments to do the same.”

He also said China’s hacking programme was larger than those of “all other major nations combined”, adding that even if all FBI cyber agents and intelligence analysts were to focus exclusively on this threat, “Chinese hackers would still outnumber FBI cyber personnel by a ratio of at least 50 to 1.”

Jen Easterly, the CISA director, expressed “deep concern over the evolution of Chinese attacks on critical US infrastructure”. She told lawmakers at the hearing that Chinese cyber actors had penetrated US critical infrastructure to enable destructive attacks in the event of a major crisis or conflict.

Chinese hackers spying on US critical infrastructure, Western agencies say

Easterly warned that a major crisis on the other side of the globe could potentially endanger American lives at home by disrupting pipelines, cutting telecommunications links, polluting water supplies and paralysing transportation. This, she said, was being done to incite “societal panic and chaos and to deter the US’s ability to mobilise military might and civilian will”.

She called on Congress to pass legislation that holds tech manufacturers accountable for potential structural defects that jeopardise national security.

“Unfortunately, the technology underpinning our critical infrastructure is inherently insecure because of decades of software developers not being held liable for defective technology,” she said.

“That has led to incentives where features and speed to market have been prioritised against security, leaving our nation vulnerable to cyber invasion.”

Representative Mike Gallagher, Republican of Wisconsin and chair of the committee, compared the cyberattacks to “placing bombs on American bridges, water treatment facilities and power plants”.

“There is no economic benefit for these actions. There’s no pure intelligence-gathering rationale. The sole purpose is to be ready to destroy American infrastructure, which would inevitably result in chaos, confusion and potentially mass casualties,” he said.

“It’s an active and direct threat to our homeland, to our military, our ability to surge forces forward in the event of a conflict.”

He highlighted the importance of deterrence and called for an “unprecedented level of collaboration between the public and private sectors”. Gallagher said that creating a multilayered cyber deterrent to prevent disasters was not just a government issue, but one that affected society as a whole.

US House panel targeting Chinese influence makes its mark, to mixed reviews

“If we do not address this threat, then the CCP will have the ability to turn off the lights for everyday Americans, shut down cities and cause massive loss of American lives. That’s unacceptable,” he said.

Representative Raja Krishnamoorthi, a Democrat from Illinois and the committee’s ranking member, outlined a three-pronged approach to countering the threats posed by the Chinese Communist Party’s cyber capabilities.

He emphasised the need for a clear understanding of the threat and said the CCP’s cyber objectives go beyond compromising military readiness, targeting civilian infrastructure “to cause political, economic and social chaos”. He quoted the People’s Liberation Army’s own words, whose goal is to “shake the enemy’s will to war”.

He said that while malicious Chinese code has not yet disrupted any US networks, any cyberattack that results in physical damage or loss of life would give the US “the inherent right of self-defence”.

The Chinese Embassy in Washington did not immediately respond to a request for comment on the allegations, but accusations against Beijing-backed hackers are not new.

In May, Microsoft reported that experienced hacking groups were targeting critical US infrastructure to disrupt communications with Asia in a potential future crisis. The report indicated that the operations would focus primarily on Guam, an island in the North Pacific with a significant American military presence.

Microsoft also warned that Volt Typhoon members were dedicated to disrupting public transport, information technology, education, communications, construction and public services.

The company said that the hackers exploited manufacturing flaws in Fortiguard devices to access routers in “dozens of small offices and network equipment”.

02:44

US, Britain and EU accuse China of sponsoring massive Microsoft email server hack

US, Britain and EU accuse China of sponsoring massive Microsoft email server hack

That same month, the US Navy reported the discovery of a broad Chinese campaign aimed at disrupting US military communications capabilities in Pacific regions critical to Beijing and its sovereignty claims over the South China Sea and Taiwan.

Beijing denied the allegations, calling them a “collective disinformation campaign” designed to serve the geopolitical agenda of the “Five Eyes”, the intelligence and defence agencies of the United States, Australia, Britain, Canada and New Zealand.

Chinese Foreign Ministry spokeswoman Mao Ning said, “It is widely known that the Five Eyes are the world’s largest intelligence association and the NSA is the world’s largest hacking group.”