Cybersecurity experts are urging U.S. federal agencies to take stronger measures in addressing the escalating cyberthreats posed by China, with a particular focus on critical infrastructure and government officials. The call for action came during a Senate Judiciary Committee hearing where cybersecurity professionals testified about the growing sophistication of espionage campaigns conducted by Beijing-linked threat actors. These cyberattacks are becoming increasingly aggressive, targeting private and sensitive information, including communications of government officials and law enforcement networks. The experts stressed that the current pace of federal action is lagging behind the rapidly evolving threat landscape, and more needs to be done to protect U.S. assets from these threats.
Adam Meyers, Senior Vice President of Counter Adversary Operations at CrowdStrike, emphasized the need for greater collaboration between the public and private sectors in counteracting these threats. He recommended an increase in industry cooperation, particularly in areas like threat hunting and executing infrastructure takedowns of hostile actors. While these efforts are ongoing, Meyers pointed out that the threat environment has outpaced the capacity of agencies to execute effective operations. He stressed that the government must accelerate its defensive strategies, particularly as cybercriminals continue to refine their tactics and expand their targets.
One of the key areas of concern is the infiltration of telecommunications networks by Chinese state-affiliated hackers, an issue that was recently highlighted in a report from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). The federal investigation uncovered a massive cyberespionage campaign attributed to the hacker group Salt Typhoon, which successfully breached systems handling sensitive data, including customer call records and law enforcement wiretap requests. This attack exemplifies the risks posed by foreign adversaries, who are increasingly targeting U.S. communications infrastructure as a means of gathering intelligence.
Experts also raised concerns about the growing complexity of the cyberthreat landscape, particularly with the expected rise in the number of connected Internet of Things (IoT) devices. David Stehlin, CEO of the Telecommunications Industry Association, noted that the number of IoT devices is expected to exceed 30 billion in the coming years, which could open new avenues for cyberattacks. The vulnerability of supply chains, especially in the tech sector, was also a major concern. Isaac StoneFish, CEO of Strategy Risks, pointed to major companies like Apple, Amazon, and Tesla that have significant exposure to Chinese manufacturers and software companies. Experts argue that poor vetting of supply chains, along with partnerships with Chinese firms tied to state security organs, could lead to serious national security risks. As the cyberthreats from China continue to escalate, experts are urging U.S. agencies to step up their defense strategies to safeguard the nation’s critical infrastructure.
Reference:
