It said the stealthy attack, carried out since mid-2021, was likely aimed at hampering the US in the event of a regional conflict.
Authorities in Australia, Canada, New Zealand and Britain warned at the same time that Chinese hacking was likely taking place globally, affecting an extensive range of infrastructure.
Discovery of the malware, the Times said, sparked a series of meetings in the White House Situation Room involving top military, intelligence and national security officials in an effort to track down and eradicate the code.
The newspaper quoted one congressional official as saying the malware operation amounted to “a ticking time bomb.”
The White House issued a statement on Friday that made no mention of China or military bases.
“The Biden administration is working relentlessly to defend the United States from any disruptions to our critical infrastructure, including by coordinating inter-agency efforts to protect water systems, pipelines, rail and aviation systems, among others,” said Adam Hodge, acting spokesman for the National Security Council.
He added that US President Joe Biden “has also mandated rigorous cybersecurity practices for the first time.”
