The U.S. National Security Agency (NSA) has formed partnerships with over 1,000 organizations in the public and private sectors to address emerging cybersecurity threats, particularly from China. The NSA’s Cybersecurity Collaboration Center, launched in 2020, serves as a platform for sharing information, improving threat detection, and enhancing incident response. Jami Wise, deputy chief of the agency’s China Strategy Center, emphasized the importance of collaboration with these partners in classified forums to better understand and address the cybersecurity challenges posed by the People’s Republic of China (PRC). Through this initiative, the NSA has been able to mitigate major threats and share insights on the risks associated with Chinese cyber operations.
Earlier in 2024, the NSA leveraged its collaboration efforts to tackle a threat targeting a vulnerability in an industrial control system (ICS) vendor’s software. While it was not explicitly stated whether the attack originated from China, the collaboration center allowed the NSA to work closely with the vendor to mitigate the issue and ensure that protective measures were deployed across a global scale. This collaborative approach has proven to be effective in responding to urgent cybersecurity threats, particularly when dealing with highly sophisticated actors like China.
The NSA has also been working with international allies, such as the Australian Signals Directorate, to increase awareness of China’s growing cyber capabilities. In July 2024, the NSA and its partners published case studies that detailed the tactics of Chinese cyber espionage group APT40, also known as Kryptonite Panda or Gingham Typhoon. The report highlighted how this group has evolved its methods to exploit vulnerabilities in widely used software and target government networks. Furthermore, the report pointed out the increasing trend of threat actors using compromised devices, such as home and office routers, as part of their cyber operations infrastructure.
In addition to its cybersecurity initiatives, the NSA has taken steps to address the security risks posed by artificial intelligence (AI). In September 2023, the agency established the AI Security Center within the cybersecurity collaboration program to support the development and adoption of secure AI technologies. This initiative aims to ensure that AI technologies are developed in a secure and standardized way, with a focus on preventing misuse by state actors like China. Wise also noted that China had employed AI as part of its influence operations during Taiwan’s 2023 elections, using AI-generated disinformation to undermine the Democratic Progressive Party.
Reference:
