Thursday, January 23, 2025

TIKTOK - IT'S NOT THE BIGGEST 'MADE IN CHINA' CYBER THREAT

 Filenews 23 January 2025 - by Catherine Thorbecke



If a conflict arises between the US and China, potentially over Taiwan, Americans will face a far more serious threat to their daily lives than TikTok propaganda. In the worst-case scenario, they may not be able to put gasoline in their cars or turn on their home lights.

Chinese hackers are infiltrating the networks of critical U.S. infrastructure, including energy networks, water treatment plants, and transportation networks. These cyber incursions are part of a plan that would let Beijing, if it chooses, "strike below the belt against civilian infrastructure to try to cause panic and bend America's will to resist," FBI Director Christopher Wray said at a cybersecurity summit last April. In other words, these keyboard warriors are preparing their ability to paralyze vital aspects of American life.

As the government continued to investigate the extent of this cyberespionage campaign by a group dubbed Volt Typhoon, the White House confirmed in December that another group called Salt Typhoon had managed to breach major U.S. telecommunications giants. One lawmaker called it "by far the worst telecommunications hack in our nation's history." Americans were taken by surprise again recently when the Treasury Department revealed that a separate state-backed hacker had breached its network. It was reported that the hacker even infiltrated Treasury Secretary Janet Yellen's computer.

The recent cyberespionage barrage, in which Beijing has officially denied any involvement, represents a big, embarrassing U.S. failure. America will never win a technology war with China if it cannot protect even its basic infrastructure or government devices from such attacks.

Despite the high risk of potentially dramatic consequences, the more obscure aspects of cybersecurity have never been a particularly attractive rallying point in Washington. Tangible targets like TikTok, and even the Chinese spy balloon in 2023, draw much more "oxygen" and public attention. But protecting against and countering Beijing's sophisticated, and invisible, cyberespionage campaigns will ultimately emerge as President Donald Trump's biggest test when it comes to China.

Investigations into the recent attacks remain ongoing, and we'll likely learn a lot more in the coming months (we will also witness several accusations as authorities identify weak spots). However, some initial reports suggest that Salt Typhoon's attacks on telecommunications networks resulted from vulnerabilities caused by outdated equipment. Lawmakers should work with the private sector to ensure that the weaknesses identified are corrected immediately.

The government's Cybersecurity and Infrastructure Security Agency last month urged "high-risk individuals" — such as people who hold high-ranking positions in government or politics or are likely to hold information of interest to Beijing — to start using only encrypted communications, among other best practices. The guidelines warn that "they should assume that all communications between mobile devices – including government and personal devices – and internet services are at risk of interception or manipulation."

It is imperative that government agencies require potential targets to comply with the recommendations. Breaches often occur at the weakest links, which are often individuals who ignore such theoretically required protocols.

The U.S. is outnumbered in this battle. Beijing-backed hackers outnumber FBI cyber agents by "at least 50 to one," Wray has repeatedly warned lawmakers, adding that China has "the largest hacking program of all the major nations combined." Countering such threats will require significantly more investment in human resources and the creation of teams focused solely on this risk.

It will also require significant cooperation with the private sector. Technology manufacturers and software providers need to recognize cybersecurity as a top business priority. Washington should also deepen partnerships with critical infrastructure providers to ensure these often understaffed sectors take the best precautions. Lawmakers should work on targeted regulations that require high-risk companies to ensure robust defenses, rather than mere voluntary compliance.

The United States last week announced sanctions on a Chinese company, as well as an individual allegedly linked to China's Ministry of State Security and recent cyberattacks. The measures against Sichuan Juxinhe Network Technology Co., a cybersecurity firm, and Yin Kecheng, who was accused of involvement in the Treasury Department cyberattack, block their ability to do business with the U.S. and hinder U.S. ownership, but are unlikely to have a material impact on their activities or goals. This sends a clear message, but it is not enough to address the risk.

Trump campaigned with tough rhetoric toward China, threatening a new trade war through major tariffs. But his track record in cybersecurity hasn't always been effective. During his first term, he stepped down as the country's cybersecurity chief and proposed massive cuts to federal agencies through a "government efficiency" effort involving Elon Musk. Cybersecurity should be at the top of Trump's tech policy agenda, even if it's less politically popular than moves like saving TikTok or appointing a head of crypto and artificial intelligence.

The threat of Chinese cyber attacks is nothing new, but it is now evident that they no longer target only companies' intellectual property or data related to political campaigns. The hackers previously revealed their motives when they fell into a so-called "honeypot" trap set by the FBI, quickly stealing information related to controlling infrastructure systems while ignoring financial and business data.

It has become clear that Beijing's hackers are preparing for conflict and cyberwarfare. The U.S. cannot afford to be unprepared.

Bloomberg Opinion