China is using AI to sharpen every link in its attack chain, FBI warns
RSAC The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: “China.”
In an interview with The Register during RSA Conference, she said Chinese government-backed crews are testing out AI in every stage of the attack chain. This isn’t to say that they’re succeeding, but it does make them “more efficient, or might make them a little faster,” Kaiser added.
The ongoing threat from Beijing-backed digital intruders burrowing into America’s critical facilities likely isn’t a huge shock to anyone who can name at least two of the Typhoons that have come to light between last year’s RSAC and this year’s infosec event.
By now, most people are aware of the sophistication and stealth with which Beijing’s snoops move around critical government, telecommunications, energy, and water networks, sometimes for years before being detected.
Volt Typhoon, for example, infected hundreds of outdated routers to build a botnet and break into US critical infrastructure facilities, all the while readying destructive cyberattacks against those targets.
And another Chinese espionage crew, Salt Typhoon, compromised at least nine US telecommunications companies and government networks last year, before attempting to exploit more than a thousand internet-facing Cisco devices as recently as January.
These and other agents working on behalf of the Chinese government break into American networks through “unsophisticated means, or especially end-of-life devices,” Kaiser told The Register.
“We see them coming in, oftentimes, through unpatched vulnerabilities or an unpatched device, and then when they get onto a system it’s very quiet,” she said.
FBI agents who responded to China’s Volt Typhoon intrusions and visited some of the compromised energy and other facilities “will talk about how deftly the Chinese navigated an internal system, coming in through a business network to get to the operational side,” Kaiser noted. “That’s what we saw with Salt Typhoon as well: being able to move laterally and navigate, taking their time to get the access they want.”
One of former FBI Director Christopher Wray’s favorite warnings was that China has 50 dedicated hackers for every one of the bureau’s cyber-focused agents – and that was well before the Trump administration returned to the White House and slashed federal budgets and employees from the payroll.
So it would seem that America is only making it easier for Chinese operatives to do their job.
‘Business as usual’
But when asked how the recent government changes have affected the FBI’s ability to respond to cyberthreats, Kaiser said: “For us, it’s really been business as usual.”
That business involves responding to nation-state attackers as well as ransomware gangs and other financially motivated cybercriminals, who are increasingly using AI to make their attacks more efficient, faster, and scalable.
“At the FBI, we track AI really closely, in a refined way, to say, over time, which countries are either doing the use case or more frequently integrating it into which part of their operations across the attack life cycle,” Kaiser added. “The widest adoption of use cases we’ve seen is from China and cybercriminals.”
This includes using AI to create fictitious business profiles at scale, and using these with the help of large language models to craft more believable spear-phishing messages to use in social engineering campaigns.
Still, the intruders’ use is similar to the defenders’ in that they are not using AI to launch end-to-end attacks, but rather to make their initial scanning and preparation stages more efficient. “We see a lot of adversaries just trying it out. How could I use AI here? What would it mean there? And it might just mean they’ve enriched a target campaign, it doesn’t mean they’ve created polymorphic malware that can change when it’s on a system,” Kaiser noted.
So while the doomsday scenarios that we all heard about at previous RSA Conferences haven’t yet morphed into reality, attackers are using AI for more practical purposes.
“The other way that companies need to be worried about AI is that it does help an adversary map a network better,” Kaiser said. “So once they’ve got onto a network, it does help enable where they might want to go.”
This is significant because the “first line of defense is: keep adversaries out,” she added. “The second one, though, is then ensuring that people can’t move around your network.”
MFA – or a safe word
In addition to these two uses for AI, the technology also makes it easier for everyone from fake North Korean IT workers to common crooks to create deepfake videos, swindle companies and individuals out of money, and steal their sensitive IP.
“Imagine you get a call from your CEO,” Kaiser said. “It’s on a messaging app you’ve used before, and it’s your CEO sitting in a house where you’ve seen them many times, and they tell you: I need you to make a wire transfer here, or join an urgent online meeting at this link. A lot of us, me included, would probably do what my CEO told me to do without thinking, could this be fake?”
Criminals are doing this, and using deepfake videos to “swindle millions from businesses as a result,” she added. “So it’s going to be imperative to add MFA to everything.”
For digital systems, this may include an authentication code or biometric data like a fingerprint. But in a scenario where someone at your company appears to be asking you to transfer large sums of money, multi-factor authentication may involve a more low-tech way of verifying that person’s identity.
According to Kaiser: “Old-school MFA is having a secret word.”