Strengthening America’s Resilience Against the PRC Cyber Threats
As America’s Cyber Defense Agency and the National Coordinator for critical infrastructure security and resilience, CISA’s (U.S. Cybersecurity and Infrastructure Security Agency) mission is to safeguard America’s critical infrastructure and enhance the nation’s collective resilience. CISA helps protect and defend the critical services Americans rely on every day against threats from anyone, anywhere, anytime.
According to CISA Director Jen Easterly, China’s sophisticated and well-resourced cyber program represents the most serious and significant cyber threat to our nation, and in particular, U.S. critical infrastructure. Last year, I testified about these threats before the House Select Committee on the Chinese Communist Party. In my opening statement, I underscored the very real possibility that a crisis in Asia, precipitated by an invasion of Taiwan or a blockade of the Taiwan Strait, could have very real consequences for the safety and security of American citizens here at home. Chinese leader Xi Jinping has pledged on numerous occasions—to include on the eve of Communist China’s 75th birthday this past September—to achieve “reunification” with Taiwan, a move analysts assess will likely occur, either peacefully or militarily, by the end of this decade, if not sooner. Such action could be accompanied by disruptive attacks against “everything, everywhere, all at once:” our transportation nodes, our telecommunications services, our power grids, our water facilities, and likely much more—all with the goal of inducing societal panic and deterring our ability to marshal military might and citizen will to expend American blood and treasure in defense of Taiwan.
Over the past two years, CISA and our federal government and industry partners have been laser focused on deterring China’s cyber aggression, working with critical infrastructure entities across the nation to identify and evict Chinese cyber actors, whether they are focused on espionage—such as the recent “Salt Typhoon” campaign against U.S telcos—or disruption—the “Volt Typhoon” campaign designed to disrupt or destroy our most sensitive critical infrastructure. While PRC cyber actors have attempted to evade detection by using living-off-the-land methods—hiding their activity within the native processes of computer operating systems—our world class team of threat hunters have detected them and assisted critical infrastructure partners in evicting them. Their work to address the Volt campaign in particular was recognized in the Congressional Record of June 27, 2024, by Representative Mark E. Green of Tennessee, Chairman of the House Homeland Security Committee. He noted:
“I rise to honor a team of highly skilled cybersecurity professionals for their invaluable service to the United States. While few know their name or see their work, the Threat Hunting team saved millions of Americans from a devastating series of cyberattacks. Volt Typhoon, a malicious state-sponsored cyber actor connected to the People’s Republic of China (PRC), repeatedly targeted critical U.S. infrastructure. By prepositioning cyber threats within critical infrastructure networks, Volt Typhoon was poised to launch destructive cyberattacks of immense proportions against the U.S. The Cybersecurity & Infrastructure Security Agency (CISA) confirmed that the malign group compromised critical infrastructure organizations in communications, energy, transportation systems, and water and wastewater systems. In a moment of crisis, the PRC could devastate American communities. Through the vigilance, dedication, and hard work of the Threat Hunting team, Volt Typhoon was detected and evicted from many of these critical infrastructure organizations. Despite Volt Typhoon operating in a pattern of behavior inconsistent with traditional cyber espionage, they were no match for our best and brightest. Using their expertise, this unique group of specialists shared Volt Typhoon’s tactics, techniques, and activity with the public, ensuring that the malign group could no longer operate in the dark. Americans owe much to these patriots, though their work often goes unnoticed. This team deserves our deepest gratitude. On behalf of the American people and the United States Congress, I thank the Threat Hunting team for their service to this country.”
