China’s cybersecurity threat is constantly evolving: CISA

China has long been recognized as the most active and persistent cyberthreat to American critical infrastructure, a fact that has remained consistent over the last two decades. The Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the evolving nature of this threat, which has undergone a significant transformation since the late 1990s.
During a congressional hearing in May 1998, members of the group L0pht Heavy Industries, including Cris Thomas (Space Rogue) and Peiter Zatko (Mudge), warned about the vulnerabilities of the internet and the challenges in tracking cyber threats. They emphasized the difficulty of creating a foolproof defense system against cyberattacks.
Fast forward to the early 2000s, when the U.S. government first became aware of Chinese espionage targeting government entities. Operations like Titan Rain, which began around 2003, targeted departments such as State, Homeland Security, and Energy. The public became aware of these attacks in subsequent years, marking the beginning of China’s cyber operations against the U.S.
As current CISA Director Jen Easterly pointed out, the U.S. government initially focused on offensive cyberwarfare but eventually shifted towards a more defensive posture. China’s cyber espionage activities intensified, with a particular focus on spying on U.S. technology and innovation. The theft of sensitive information, such as the Lockheed Martin Joint Strike Fighter Program data in 2009, highlighted China’s capabilities in replicating U.S. technology for its own use.
In recent years, China has expanded its cyber operations to target critical infrastructure in the U.S. and abroad. Operations like Aurora targeted telecommunications companies, while China’s focus on disruptive and destructive attacks has raised concerns about the potential impact on U.S. infrastructure. The Council on Foreign Relations’ Cyber Operations Tracker has documented China’s cyber activities, including targeting trade and military operations in the South China Sea.
Easterly emphasized the importance of collaboration between the public and private sectors in defending against Chinese cyber threats. The intertwined nature of China’s public and private sectors, coupled with its focus on disrupting critical infrastructure, poses a significant challenge to U.S. cybersecurity efforts. Working closely with intelligence and military partners, as well as private sector stakeholders, is crucial in addressing the evolving cyber threat landscape.
In conclusion, China’s cyber activities continue to pose a significant threat to American critical infrastructure. By staying vigilant, fostering collaboration, and leveraging the full range of tools available, the U.S. can enhance its cybersecurity defenses against evolving cyber threats from China.