China Now America’s Number One Cyber Threat – US Must Get Up To Speed
RSAC Russia used to be considered America’s biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.
This shift was signified by the Volt Typhoon attacks against the US last year, retired Rear Admiral Mark Montgomery told the RSA Conference in San Francisco on Monday.
Volt Typhoon subverted companies supporting US critical infrastructure and Montgomery confirmed reports that Chinese officials had been quite open with the Biden administration in December 2024 that they were responsible.
Montgomery, a former director for transnational threats for the US National Security Council, said that, particularly when it comes to cyber issues, the US has focused on defense as its key strategy. But in doing so, this had allowed other nations to hone their cyber skills, and China has risen to be the key adversary in this vital battleground.
“I think that cyber threat is actually the greatest daily threat to the safety and security of American citizens and in the American way of life and how we do things,” Montgomery said. “I think the Chinese Communist Party has gotten wicked good at this.”
“For two decades, we preached that China did intellectual property theft, they did joint venture theft, they did minor espionage. But now we see they’re actually a major player, and China’s bold Typhoon penetration really was an opportunity for their hackers.”
Montgomery said that in 2015 the US military had recruited 6,400 people to work in cyber offense, of which 2,100 recruits came from the Navy. That figure had since risen by just 3 percent to around 6,700, while he suggested Chinese offensive staffing levels were up around 1,000 percent over the same timeframe.
The former national security director also noted that while American military bases were relatively safe and well protected – and have dual redundancy in power, water and communications systems – commercial systems are not. So if it came time to move troops around, they would have to do so on relatively unsecured infrastructure. Knock out local rail and air traffic control, and safe troop movements would be very limited.
The US critical infrastructure is currently largely privately owned, and corporations are not very interested in upping protection levels. Incidentally, the traditional metric is that “85 percent” of critical networks are privately owned, but that number had been made up in the 1990s, he said.
“I was at the White House in 1998 where we made the number up. My boss, Dick Clark [the chief counter-terrorism adviser on the National Security Council at the time], just pulled that number out of his ass,” he recounted. “But mathematically, we’ve now determined it is somewhere between 82 and 86 percent owned and operated by the private sector, state, and local governments.”
Salt Typhoon, carried out in conjunction with Volt Typhoon, was a more traditional Chinese intelligence operation, used to hack communications systems for espionage. But Volt Typhoon was aimed right at the US critical infrastructure and was a demonstration of quite how advanced the Chinese are in this area.
So how would China use this power? Montgomery predicted that the typhoon would be unleashed at a critical time in US history to amplify a crisis – and the most likely example would be if, or most likely when, China decided to take Taiwan.
“I think this is about lowering the US public’s confidence in the government and their appetite to be involved in a crisis – if it’s hard to get excited about a crisis in Taiwan, a country 90 percent of Americans can’t identify on the map,” he predicted.
“So it’s very hard to get American people excited about, committed to, or patriotic about, a military crisis in Taiwan if at the same moment your ATM is not working, your power is intermittent, and/or your water system is compromised.”
Russia was a potential threat, and was actively working on subverting American IT systems, but its resources were limited. He noted that ransomware attacks have risen by about 20 percent a year for the last half-decade, with the exception of March, April, and May 2022 – presumably due to criminals being dragooned in to help with the invasion of Ukraine.
As for other adversaries, Montgomery dismissed North Korea, calling it a “cyber gang masquerading as a nation state.” Iran was a potential threat but was mainly a local force and didn’t have the hacking skills and investment of China and Russia, he said.
In response, the US needs to immediately start recruiting more offensive online operators to the US military, and his solution was – in part – to call in the National Guard. There’s a lot of unused talent in the Guard, he suggested, and this could be used to give a fillip to US cyber forces.
He also promoted an idea first put forward years ago – extending the 2002 Sarbanes-Oxley Act that requires financial safeguards for American companies to include a requirement for greater cybersecurity preparation and reporting.
CEOs aren’t going to put the spending into hardening critical infrastructure security unless they are forced to, and doing so could make US systems much more resilient. They need to be, he concluded. ®