Exit selectivity it will come to order. This is a short hearing weve never had this combination of witnesses. A collection of expertise to help us make sense of what the chinese, and his partys doing in cyberspace and i can better defend ourselves. Our hats off we spent a lot of time on this committee debating or thinking about the question of whether xi jinping will make a move militarily against taiwan. And what would be a timeline for such a move . Obviously this is a nun on noble question people continue to debate it. In some meaningful sense i wonder if such an invasion or a preparation which would be incredibly costly if the Ranking Member very eloquently pointed out yesterday has already begun. The intelligence preparation of the battle space has already begun. Put differently for over 20 years they have been attacking us the government, defense Contractors Technology firms in cyberspace that is a fact. For a long time the attacks rubbing a valuable technology that was then used to drive the military modernization. But another focus of attack has been gathering Sensitive Information on hundreds of millions of americans with attacks on companies the office of Personnel Management i am sure anyone else who served in the military got a nice letter after our military records have been compromised mind is framed in my office in my basement. According to the fbi vast Hacking Program is the largest they have stolen a more americans a personal business data than every other nation combined. But that was not enough of the ccp in the past few years our intelligence and cybersecurity agencies are hacked into american Critical Infrastructure for the sole purpose of disabling and destroying our Critical Infrastructure in the event of a conflict over taiwan. This is the cyberspace equivalent of placing bombs on american bridges. Water Treatment Facilities and power plants. There is no economic benefit for these actions. There is no pure intelligence gathering rest rationale the sole purpose is to be ready to destroy american infrastructure which would inevitably be insults and confusion and mass casualties. It is outrageous. Its an active direct threat to her homeland, our military our ability to surge forward forward and it is not a hypothetical as our witnesses will testify today the Chinese Government has already done it. For Cyber Warriors are doing everything they can to stop it. For dealing with malware and Water Utilities power grids and other utilities in our westernmost territories and across the American Homeland the damage that could be done by this is almost hard to imagine. We need to step up and defend our Critical Infrastructure. Defend ourselves it is a critical parts of deterrence it will take on precedent a collaboration between the public and private sectors to create the kind of layered cyber deterrence we need to prevent disaster its not just a government problem it is a whole of society problem. Our committee is called the select committee on strategic competition between the United States the chinese common is parted that is a long title. But in a very real way it the name of our committee vastly understates the problem. Its not just strategic competition but a strategic threat. P we do not address this threat will turn off the lights for Everyday Americans to shut down cities and cause massive loss of american lives that is unacceptable. I believe men and women of good faith and both parties can come together to prevent that from happening that is what todays hearing is all about i not recognize the rink member for his Opening Statement brickwork think it was richard thank you to the witnesses are coming today. I understand today is a change of command you made time to come and see us. I expect this will be unplugged. And so we really look forward to todays testimony. Look folks, today it we will talk but ugly gorilla and candy gave these are not my kids instagram handles. In fact these are alias used by hackers working for the Peoples Liberation army otherwise known as pla. Specifically this one ted poster shows and members of unit 61398 whom we indicted in 2014 for hacking into companies instilling intellectual properties. This is the first time we have ever indicted p seat nationals r computer hacking in the u. S. For years the ccp carefully set cited how they ran Cyber Operations. To develop its own concept for cyber warfare. Xi jinping himself called for the prc to become a quote cyber superpower and to dominate the world their information warfare. In the last dozen years the ccp has you Cyber Operations resealing ip from companies, clutching private citizen data, hacking into government emails, even potentially gathering personal data from apps like tiktok. However today we will be discussing an even darker side of the ccp cyber warfare tactics. Activities that go far beyond merely stealing information. Damage the infrastructure. You might ask why. Very simple. Potentially harmless any time of conflict. They talk about missile strikes with cyber attack as part of the offense of operation to protect power in asia or to cause societal chaos inside the United States. This means targeting americans. This means we could suffer large scale blackouts in major American Cities and lose access to our cell towers and the internet, access to clean water and food. So how do we respond . We must be clear eyed about the threat. The objective for the cyber attack or not just to impede military readiness. They seek to target civilian infrastructure that because Political Economic and social chaos and in their own words, quote, shake the enemies will. Second, we must hunt and destroy malware and discover and destroy all malicious codes they are attempting to hide within our network and Critical Infrastructure. In fact less than 48 hours ago, they reported the Justice Department and the fbi were authorized to remotely disable aspects of the ccp Hacking Campaign underway now to protect the networks devices. This is exactly the type of proactive action that we need to take and we need to work with our partners and allies to do the same. I look forward to hopefully learning more from the witnesses about this particular counter campaign. We must do to are our adversaries. While malicious code hasnt yet disrupted any of our networks, any cyber attack that results in physical damage or loss of life would grant the United States the inherent right to selfdefense. If the ccp were to activate code that could cause harm, we need to make sure that we have the capability to respond and respond decisively. I look forward to hearing from the Witnesses Today and yield back the balance of my time. We are privileged to have a great panel of witnesses. The second confirmed National Cyber director. I dont want to play favorites on the panel but when i called you to try to convince, i felt a little guilty because the fact that you were willing to do this i think is the ultimate testament of more to the type of Public Servant that you are. Willing to do this and what are your changing command is usually to drop a week ago. My experience working with you are forthcoming at generous times. Thank you for an exceptional career of public service. [applause] i asked the witnesses to stand and raise your right hand and i will spare you in. Do you swear or affirm under penalty or perjury the testimony youre about to give is true and correct to the best of your knowledge and belief, so help you god . Let the record to show the witnesses answered in the affirmative. Thank you all and to the National Cyber director. Director ray will begin with his opening remarks, which i think will include a major announcement. You may proceed. Thank you, chairman gallagher, the members of the select committee for inviting me here to testify today to discuss the fbis ongoing efforts to protect our nation from actions taken by the Chinese Government that threatens americans safety and prosperity. My comments today are not of Chinese People were Chinese Americans who contribute much to the country and frankly are often the victims Chinese Communist party aggression themselves. Rather, when i talk about the threat posed by china, i mean, the government of china particularly led by the ccp. The ccps dangerous actions, the multipronged assault on the national and Economic Security make it a threat of our generation. When i described the ccp as a threat to American Safety a moment ago, i meant that quite literally. There has been far too little public focus on the fact drc hackers are targeting our Critical Infrastructures, Water Treatment plants, electrical grid, oil and natural gas pipelines, transportation systems, and the risk that poses to every american requires our attention now. Chinas hackers are positioning on american infrastructure in preparation to wreak havoc and cause realworld harm to american citizens and communities if and when china decides the time has come to strike. They are not focused just on political or military targets. We can see from where they position themselves across civilian infrastructure that low blows are just a possibility in the conflict, they are part of chinas plan. But the cyber onslaught goes way beyond pre positioning for future conflict. Today and literally every day they are actively attacking our Economic Security, engaging in wholesale theft of our innovation and personal and corporate data, nor is cyber the only threat we face. The prc cyber threat is made vastly more dangerous by the way they knit cyber into a whole of Government Campaign against us. Human sources to target our businesses using insiders to steal the same kinds of innovation and data that hackers are targeting while engaging in corporate deception hiding their hand in transactions, joint ventures and investments to do the same. And they dont just hit the security and economy. They target our freedoms, reaching inside our borders across america to silence, coerce and threaten some of our citizens and residents. But i can assure you the fbi is laser focused on the threat posed by beijing. Weve got cyber, counterintelligence, criminals and wmd experts just to name a few defending against this and we are working in partnership with the private sector, with our allies abroad and at all levels of the u. S. Government, especially the nso Cyber Command and whose leaders im honored to be here with today. In fact just this morning we announced an operation where wee and our partners identified hundreds of routers that have been taken over by the prc statesponsored hacking group. The typhoon malware enabled china to hide among other things preoperational reconnaissance and Network Exploitation against Critical Infrastructures like our communications, energy, transportation and water sectors steps china was taking in other words to find and prepare or degrade the civilian Critical Infrastructure that keeps us safe and prosperous. Lets be clear, Cyber Threats to the Critical Infrastructure represent realworld threats to the physical safety. So, working with our partners, the fbi ran and court authorized on the Network Operations to shut down typhoon and the access that it enabled. The celebration was an important step, but there is a lot more to do and we need your help to do it. To quantify what we are up against, the prc has a Hacking Program than that of every major nation combined. In fact, if you took every single one of the cyber agents and intelligence analysts and focused them exclusively on the china threat, they would still outnumber the cyber personnel by at least 521. So as we sit here while important budget discussions are underway, i will note that this is a time to be keeping ahead of the threat by investing in the capabilities rather than cutting them. We need to ensure that we sustain and build on the gains that we have made that have enabled us to take actions like the typhoon operation i just mentioned. The budgets that emerged from discussions underway now will dictate what kind of resources we have ready in 2027. A year this committee knows all too well the ccp has circled on its calendar. And as ive described, it is already today putting their pieces in place. I dont want those watching to think we dont protect ourselves but i want the American People to know we cannot afford to sleep on this danger. The threat that beijing poses otherwise china has shown it will make us pay. Thank you. Director, you are recognized. Chairman gallagher, Ranking Member and distinguished members of the select committee, thank you for the opportunity to testify. Ive been honored to lead the office of the National Cyber director in the white house for a little over a month now and im grateful to congress and their leadership for creating this office and mr. Ranking member i appreciate the conversation yesterday and your interest in the workforce. Established by congress to advise the president on cybersecurity policy and threats and in particular to coordinate many agencies with Cyber Missions across the government to ensure federal coherence on cybersecurity policies. We have budgetary responsibilities to ensure the government is making appropriate investments in the Cyber Defense and resilience and we focus on implementation to ensure the strategy to successfully and transparently execute. Coordination and collaboration are central. The security remains a team effort and im proud to be testifying some of the nations finest leaders. This hearing is timely because the American Public needs to be aware of the threat to the Critical Infrastructure. Our Intelligence Community has noted that the prc threat actor is pre positioning to the event of conflict conduct disruptive and potentially destructive attacks. The threat actor as it has been named by the private sector partner has conducted Cyber Operations focused not on financial gain or espionage but deep access and a critical critl Infrastructure Systems that put the systems at risk. Their aim is clear in the early stages of the conflict, they want to disrupt our military stability to mobilize and impact the systems that allow us to thrive in the increasingly digital world. We have the initiative from adversaries to defend the American People. Last year President Biden assumed the National SecurityCyber Strategy that outlines a bold vision for prosperous connected future and calls for us to build a future that is a foundation of deep and enduring collaboration among stakeholders in the digital ecosystem. The National Cybersecurity strategy has Technology Agnostic and is built on two fundamental shifts that we must rebalance the responsibility to defend cyberspace and realign the longterm investments. Today users of technology the individuals, Small Businesses and Critical Infrastructure makes up the constituencies in the district theres too much responsibility to keep the nations secure. We must command more from the capable actors in cyberspace including the government. We must build Future Systems to be more inherently defensible and resilient. This means Market Forces and Public Programs alike must reward security and resilience. This leads directly to the first pillar of the strategy that is simple and concepts with daunting scope to send the Critical Infrastructure as we can see from the targeting the Critical Infrastructure systems are on the train on which the adversaries must engage us and Critical Infrastructure owners and operators the majority of whom are private entities, not governments on the front line. Part of our success will come from scaling publicprivate partnerships and collaboration. Beyond the sca