According to experts and government sources, we are witnessing an alarming escalation in cyber threats emanating from China, signaling a shift in Beijing’s cyber warfare strategy. These threats, far more insidious than previous endeavors focused on espionage and data theft, aim to infiltrate and potentially disrupt critical American infrastructure. This evolution in China’s cyber activities reflects a sinister intent to undermine U.S. national security, particularly in the context of escalating tensions in the Pacific region.
Chinese hackers, reportedly linked to the People’s Liberation Army, have systematically targeted several critical entities in the U.S. Among the most notable incidents in the past year are cyber intrusions into a water utility in Hawaii, a major West Coast port, and an oil and gas pipeline. These are not isolated incidents but part of a larger, more coordinated effort by China to develop capabilities that could sow panic, cause chaos, or disrupt logistics in the event of a U.S.-China conflict, especially concerning Taiwan.
The implications of these intrusions are profound. Brandon Wales, the executive director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), starkly noted, “It is very clear that Chinese attempts to compromise critical infrastructure are in part to pre-position themselves to be able to disrupt or destroy that critical infrastructure in the event of a conflict.” This change in Chinese cyber activity, from a focus primarily on political and economic espionage to one that threatens to disable or destroy critical infrastructure, marks a significant escalation in the cyber threat landscape.
The United States has responded to this heightened threat with a multifaceted approach. The Biden administration has rolled out first-ever cyber regulations for the oil and gas pipeline sector and sought to strengthen the cybersecurity of public water systems. However, these initiatives have faced challenges, including lawsuits from states alleging regulatory overreach. Despite these hurdles, the U.S. government remains committed to enhancing the nation’s cyber defenses.
In addition to regulatory measures, the U.S. has increased its efforts to improve coordination with the private sector, which owns the majority of the nation’s critical infrastructure. Companies like Microsoft are playing a pivotal role by sharing anonymized information about adversary tactics and indicators of system compromises. This public-private partnership is crucial for detecting and mitigating cyber threats more effectively.
The challenge that lies ahead for the U.S. is not just in defending against these intrusions but also in understanding and anticipating future threats. The Chinese military’s cyber activities, as noted by Joe McReynolds, a China security studies fellow at the Jamestown Foundation, are akin to building tunnels into an enemy’s infrastructure, lying in wait for the opportune moment to switch from reconnaissance to attack. This metaphor aptly captures the stealthy and strategic nature of these cyber intrusions.
In the face of this growing threat, the U.S. must remain vigilant. The NSA and other agencies have recommended measures like mass password resets and the implementation of more secure forms of multifactor authentication. These steps, while essential, are just part of a broader strategy needed to counter the sophisticated and evolving nature of cyber threats posed by China.
It is the job of any military or intelligence agency to study its enemy to prepare for war – not to induce it, but to be ready for it. China sees the U.S. as an enemy and is looking for ways to cripple us in such an event. Unfortunately, in a free society the opportunities to do damage are almost limitless. It is incumbent upon our own military, intelligence and security industries to find out the vulnerabilities that are being targeted and prevent them from being exploited. Now we just have to figure out:
Are they better than us?