
China now America's number one cyber threat – US must get up to speed

(2025/04/29)


RSAC Russia used to be considered America's biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.

This shift was signified by the [1]Volt Typhoon attacks against the US last year, retired Rear Admiral Mark Montgomery [2]told the [3]RSA Conference in San Francisco on Monday.

Volt Typhoon subverted companies supporting US critical infrastructure and Montgomery confirmed [4]reports that Chinese officials had been quite open with the Biden administration in December 2024 that they were responsible.


Montgomery, a former director for transnational threats for the US National Security Council, said that, particularly when it comes to cyber issues, the US has focused on defense as its key strategy. But doing so has allowed other nations to hone their cyber skills, and China has risen to be the key adversary in this vital battleground.


"I think that cyber threat is actually the greatest daily threat to the safety and security of American citizens and in the American way of life and how we do things," Montgomery said. "I think the Chinese Communist Party has gotten wicked good at this."

"For two decades, we preached that China did intellectual property theft, they did joint venture theft, they did minor espionage. But now we see they're actually a major player, and China's bold Typhoon penetration really was an opportunity for their hackers."


Montgomery said that in 2015 the US military had recruited 6,400 people to work in cyber offense, of which 2,100 recruits came from the Navy. That figure had since risen by just 3 percent to around 6,700, while he suggested Chinese offensive staffing levels were up around 1,000 percent over the same timeframe.

The former national security director also noted that while American military bases were relatively safe and well protected – and have dual redundancy in power, water and communications systems – commercial systems are not. So if it came time to move troops around, they would have to do so on relatively unsecured infrastructure. Knock out local rail and air traffic control, and safe troop movements would be very limited.


The US critical infrastructure is currently largely privately owned, and corporations are not very interested in upping protection levels. Incidentally, the traditional metric is that "85 percent" of critical networks are privately owned, but that number had been made up in the 1990s, he said.

"I was at the White House in 1998 where we made the number up. My boss, Dick Clarke [the chief counter-terrorism adviser on the National Security Council at the time], just pulled that number out of his ass," he recounted. "But mathematically, we've now determined it is somewhere between 82 and 86 percent owned and operated by the private sector, state, and local governments."

[9]Salt Typhoon, carried out in conjunction with Volt Typhoon, was a more traditional Chinese intelligence operation, used to hack communications systems for espionage. But Volt Typhoon was aimed right at the US critical infrastructure and was a demonstration of quite how advanced the Chinese are in this area.


So how would China use this power? Montgomery predicted that the typhoon would be unleashed at a critical time in US history to amplify a crisis - and the most likely example would be if, or most likely when, China decided to take Taiwan.

"I think this is about lowering the US public's confidence in the government and their appetite to be involved in a crisis - if it's hard to get excited about a crisis in Taiwan, a country 90 percent of Americans can't identify on the map," he predicted.


"So it's very hard to get American people excited about, committed to, or patriotic about, a military crisis in Taiwan if at the same moment your ATM is not working, your power is intermittent, and/or your water system is compromised."


Russia was a potential threat, and was actively working on subverting American IT systems, but its resources were limited. He noted that ransomware attacks have risen by about 20 percent a year for the last half-decade, with the exception of March, April, and May 2022 – presumably due to criminals being dragooned in to help with the invasion of Ukraine.

As for other adversaries, Montgomery dismissed North Korea, calling it a "cyber gang masquerading as a nation state." Iran was a potential threat but was mainly a local force and didn't have the hacking skills and investment of China and Russia, he said.

In response, the US needs to immediately start recruiting more offensive online operators to the US military, and his solution was - in part - to call in the National Guard. There's a lot of unused talent in the Guard, he suggested, and this could be used to give a fillip to US cyber forces.

He also promoted an idea first put forward years ago - extending the [16]2002 Sarbanes-Oxley Act that requires financial safeguards for American companies to include a requirement for greater cybersecurity preparation and reporting.

CEOs aren't going to put the spending into hardening critical infrastructure security unless they are forced to, and doing so could make US systems much more resilient. They need to be, he concluded. ®




[1] https://www.theregister.com/2023/05/25/china_volt_typhoon_attacks/

[2] https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727380822767001hwNs

[3] https://www.theregister.com/special_features/spotlight_on_rsac/

[4] https://www.wsj.com/politics/national-security/in-secret-meeting-china-acknowledged-role-in-u-s-infrastructure-hacks-c5ab37cb?st=SYDJd9&reflink=article_copyURL_share


[9] https://www.theregister.com/2025/04/10/trade_war_reaches_cyberspace/


[16] https://www.congress.gov/bill/107th-congress/house-bill/3763/summary/35




And yet Trump attacks CISA

alain williams

He wages [1]war on Krebs as, for him, personal vendetta is more important than security of the nation of which he is commander in chief.

[1] https://www.theregister.com/2025/04/29/infosec_trump_krebs_letter/

Re: And yet Trump attacks CISA

Yet Another Anonymous coward

We have met the enemy and he is us

Doctor Syntax

"retired Rear Admiral Mark Montgomery"

Trump must be upset. Retirees can't be fired for telling it how it is.

Steve Foster

Not fired, no.

But they probably have a pension that can be "accidentally" cancelled/removed. Or claim they're a member of a South American drugs gang and surreptitiously deport them to El Salvador.

EDIT: Isn't there some mechanism for service retirees to be recalled back to active duty? Then he could be court-martialled...

DS999

"EDIT: Isn't there some mechanism for service retirees to be recalled back to active duty? Then he could be court-martialled..."

Yes I believe any former officer can be called back to active duty and then court martialed. I don't think he'd actually follow through with that scenario though, because he'd look a fool when the fake charges were dismissed before they had time to put in their lunch orders. Unless he fires all the generals/admirals and replaces them with MAGA moron loyalists, but I have to think if there's something that would make even republicans vote to impeach and convict Trump it would be trying a stunt like that with the US military.

Grindslow_knoll

"So it's very hard to get American people excited about, committed to, or patriotic about, a military crisis in Taiwan if at the same moment your ATM is not working, your power is intermittent, and/or your water system is compromised."

From the reports I try to avoid, most Americans are bracing for impact for a recession, with consumer confidence as low as with Covid.

An ATM not working is relevant only if you have money to withdraw.

The American people have no control over what funding goes to cybersecurity.

You could have legislation that makes companies (and their directors) liable for demonstrable lax security, but good luck getting that through a company funded congress.

It is also somewhat hard to believe that a country with such a massive defense industry cannot harden its infrastructure, in my understanding (D)ARPANet's raison d'etre was to federate communication networks to avoid a decapitation strike.

martinusher

Today's bit of unpatriotic behavior is the plan by Amazon to itemize the effects the tariffs have on product prices -- which if Temu's anything to go by means "more than doubling them". Apparently if you don't talk about the effects of tariffs then nobody will notice (or will blame the prices on Biden etc.).

No amount of patriotic bluster can compensate for endemic stupidity. Economies have fairly long lead times, you can't just turn them on and off like a switch. Annoying other countries -- insulting them, causing them unnecessary problems -- is inexcusable and will have long term economic impacts. As for Taiwan, we're giving the people there a really good reason to interact with the mainland rather than the US -- the mainland is reliable, stable and a decent trading partner while the US is currently proving to be mercurial, unreliable and chronically self-centered.

BTW -- The ordure has already hit the air mover. Freight bookings, both import and export, are down substantially for the Ports of LA and Long Beach and isn't just for China traffic. (UK readers -- these are the main West Coast ports of the US; to say they're huge would be a major understatement.) This has had a knock on effect through the entire manufacturing and retail sector. The supply chain should empty in six to eight weeks, then.... (But we should have a major military parade to look forward to sometime in late July..not quite a torchlight rally but in the same vein.)

Anonymous Coward

I don't think many people in the US get the connection between cybersecurity and critical infrastructure. They just assume that unless the US is invaded, their electricity will flow, they can buy gas(oline), traffic lights will work, they can complain on the Internet, etc.

Just the big recession

DS999

That Trump has already guaranteed us, plus all the other chaos he's causing, is sufficient cover for the US populace to not put it high on their priority list of things to care about if China started a naval blockade of Taiwan. Yeah Europe will care but they still will care more about Putin because he's a threat to them and China isn't, and lack the resources to effectively contest China if the US is standing on the sidelines.

China won't start it anytime soon though. Xi is doing the right thing in the trade war by standing up to Trump and refusing to even start to negotiate until he backs down on the tariffs, letting him twist in the wind. China wouldn't want to be in a military campaign after they've left Trump thoroughly humiliated and forced to come crawling to Xi begging for some way out of the hole he dug for himself. Otherwise he might talk himself into war with China to salve his shattered ego and think the "wartime president" thing will boost his soon to be cratering (it is starting now but wait until we're in the midst of a recession and his own MAGA people start turning on him) approval ratings.

What hope is there?

Anonymous Coward

"Department of Homeland Security (DHS) Secretary Kristi Noem had her handbag - with $3,000 (£2,260) in cash inside - stolen from her while dining at a Washington, DC, restaurant.

Noem confirmed during the White House Easter Egg Roll on Monday morning that she fell victim to the theft, saying the matter had not been "resolved yet".

Her bag contained several personal items in addition to the cash, including her driver's license, passport and DHS access badge, law enforcement sources told BBC's US partner CBS News. "

BBC website, 8 days ago.

'nuff said.

Getting Real About China Cyber Espionage

DerekCurrie

China's cyber attack strategy against the USA began in 1998, the year they were ironically given "Most Favored Nation" status by the Clinton administration. It began with the CCP (Chinese Communist Party) assisting in the formation of the Red Hacker Alliance from disparate citizen hackers. With time, this group grew and became an integral part of the Chinese communist government's military. In 2007, nine years after the CCP's strategy had begun, the US federal government admitted that every federal Windows PC connected to the Internet had been infected with Chinese bots that actively sent data from those machines to Beijing. Since that time, the Chinese government has been implicated in endless cyber-crime against the USA and the rest of the world in search for not just government and military secrets, but for IP (intellectual property) it could use to modernize the country and create its own manufacturing and worldwide distribution base.

And only now we hear someone say "China now America's number one cyber threat"?

Here is a detailed timeline, from CSIS (the Center for Strategic and International Studies), of Chinese espionage crimes against the USA, helping to illustrate that not only now has China been America's number one cyber threat:

[1]Survey of Chinese Espionage in the United States Since 2000

"This updated survey is based on publicly available information and lists 224 reported instances of Chinese espionage directed at the United States since 2000."

[1] https://www.csis.org/programs/strategic-technologies-program/survey-chinese-espionage-united-states-2000

"we preached that China did intellectual property theft,"

Yet Another Anonymous coward

Now after further work with the calipers we have determined that the Asiatics are capable of thinking.

In response we have got rid of all the geeks and poindexters in the US forces and strive for a more lethal military.
