Hackers backed by the People’s Republic of China (PRC) threaten to disrupt the daily lives of Americans. As FBI Director Christopher Wray confirmed during a congressional hearing I led earlier this year, these hackers could “wreak havoc and cause real-world harm to American citizens and communities.” Rather than wait and react to a future crisis, we must make proactive preparations before it is too late.
As Chairman Xi Jinping once put it, he wants the PRC to emerge as a “cyber superpower” and “overcome the superior with the inferior” by exerting global influence through information warfare. For decades, the Chinese Communist Party has focused on espionage, stealing IP from our companies, and collecting private data. In 2015, hackers stole millions of sensitive records within the U.S. Office of Personnel Management (OPM), leading to a congressional investigation and the resignation of top OPM leaders. Two years later, another operation exfiltrated the identifying data of hundreds of millions of Americans from Equifax, one of the nation’s biggest credit reporting agencies. And in 2020, Marriott announced that attackers pilfered the credit card and passport numbers of millions of customers.
Beyond just a litany of cyber operations, these attacks were the application of the CCP’s laser focus on overcoming American cyber capabilities to ultimately achieve “information dominance,” which entails gaining operational advantage through electronic warfare, network warfare, and psychological warfare to collect, control, and exploit information.
Last year, we were made aware of a concerning development when top intelligence and national security agencies confirmed that a CCP-sponsored campaign extended far beyond data and IP theft: its operators successfully breached our critical infrastructure networks and had the capacity to inflict physical damage through cyberattacks.
This campaign, called Volt Typhoon, penetrated U.S. critical infrastructure in Hawaii and Guam, where it disrupted power and utility systems, rail networks, and oil and gas pipelines, showing us the great lengths the CCP can go to remotely disrupt important services Americans rely on every day.
So, how do we respond?
First, we need to be clear-eyed and understand how the CCP utilizes cyber in times of peace and conflict. As tensions rise, the CCP’s objectives in a cyberattack extend beyond disrupting our military readiness and severing our power, water, and communications; they seek the ability to readily cripple civilian infrastructure to instigate political, economic, and social turmoil.
Recent reports revealed that the Justice Department and FBI were authorized to disable hundreds of U.S.-based routers hijacked by Volt Typhoon. This operation protected everyday citizens from malicious PRC-sponsored cyber actors and is exactly the type of action necessary to counter cyber threats before they escalate.
Second, we must deter our adversaries. As the “father of information theory” Claude Shannon once said: “assume the enemy knows the system.” Although malicious Chinese code has yet to disrupt our networks, any cyberattack leading to physical harm or loss of life would invoke our inherent right to self-defense.
Should the CCP activate code designed to cause harm, that would be “above the threshold of war. And we would certainly respond,” former commander of U.S. Cyber Command Paul Nakasone said.
Finally, we must accept that we cannot confront these complicated challenges alone. The Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly, made this clear during the hearing, testifying that such developments “spur us to collaborate with our partners across government and industry to proactively reduce risks in the face of the most pressing threats.”
CISA’s engagement with the private sector includes its Attack Surface Management services through which 7,000 companies and organizations identify the weaknesses in their systems and allow CISA to help address vulnerabilities that could be exploited by CCP hacking efforts. This initiative is part of CISA’s broader effort to encourage the private sector to move beyond a damaging culture of silence to share more information on cyber threats and hacks as they emerge to counter them before they can escalate.
As we seek to prevent, deter, and counter CCP cyber operations, it is essential that we expand our efforts now before it is too late. The CCP’s long-running cyber strategy involves pre-positioning its assets and capacity to potentially damage American infrastructure years ahead. To stop the cyber attacks of tomorrow, our work must begin today.
Rep. Raja Krishnamoorthi (D-IL) is ranking member of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party.