China's growing cyber capabilities pose a significant threat to the United States, and it's not just the military and industries that are at risk. Every American is potentially vulnerable to these attacks, as highlighted by a retired NSA head. This issue demands our attention and understanding.
The Rising Threat: China's Cyber Offensive
Tim Haugh, a retired general and former head of the National Security Agency (NSA) and U.S. Cyber Command, has issued a stark warning. China has successfully infiltrated U.S. computer networks on an unprecedented scale, targeting not only military and industrial assets but also everyday citizens. This revelation comes at a time when America's cyber defense capabilities have been weakened by recent resignations and firings.
Haugh emphasizes the disparity between the U.S. and China's cyber capacities, stating, "Our overall capacity is getting smaller while we know China's continues to grow." He believes the U.S. government still has the means to counter these threats but must act swiftly and collaborate with industry partners.
China's Targets: From Utilities to Critical Infrastructure
The scope of China's hacking became evident in an unexpected place: Littleton, Massachusetts. This small town, with a population of around 10,000, was targeted by China despite not being a major supplier to the federal government or a military base. The FBI's visit to Nick Lawler, the general manager of Littleton's electric and water utility, revealed that China had breached their computer network, and Lawler was just one of 200 such targets.
China's presence on American networks dates back at least five years, and the potential consequences are dire. At the water treatment plant, Lawler demonstrated how a hack could lead to water poisoning if China gained control over the water system. Fortunately, China was caught before achieving operational control, and federal investigators, with Lawler's permission, observed their activities, leading to a heightened awareness of the threat.
Haugh emphasizes the national security implications, stating, "This is a national threat... But it's also one that every American should understand. If they're willing to go after a small provider with no national security connection, that means every target is on the list." China denies hacking America's critical infrastructure, but the White House acknowledges the need to assess and mitigate the damage.
Other critical targets believed to have been compromised by China include the New York City Metropolitan Transportation Authority, gas pipeline operators, the port of Houston, and major phone companies.
How China Gains Access: Exploiting Vulnerabilities
China exploits vulnerabilities in network equipment, such as network firewalls, to gain access. This is often due to unpatched software or outdated equipment lacking security updates. Interestingly, China did not install malware in Littleton, opting instead to steal login credentials and impersonate legitimate employees. Haugh explains, "They are just gaining access to that system and then attempting to lay dormant." This allows China to maintain access for future use.
China's Motives: Gaining an Advantage in a Crisis
Haugh believes China's hacking of critical infrastructure is motivated by a desire to gain an advantage in a potential crisis or conflict. He states, "There's no advantage to be gained economically. The only value would be for use in a crisis or a conflict." A hack in Littleton, for example, could distract the U.S. from its focus in the Indo-Pacific region, diverting resources and making it more difficult to mobilize in a crisis.
Senator Mike Rounds, a Republican from South Dakota and chair of the Armed Services Cybersecurity Subcommittee, shares a similar view. He believes China aims to deter the U.S. from engaging in a potential fight by disrupting key American industries through its cyber program. China could potentially cause chaos on Wall Street, threatening financial instability.
Countering China's Cyber Offensive
While China continues to access American systems, Haugh acknowledges the U.S.'s strength in keeping adversaries out of networks. However, the scale of the challenge is significant. Haugh emphasizes the importance of getting the basics right in critical infrastructure and substantive networks to avoid expending more resources on rooting out intruders.
Haugh's own termination in April, allegedly due to accusations of disloyalty by far-right activist Laura Loomer, highlights the political sensitivities surrounding these issues. Senator Rounds called Haugh's termination "a loss for our nation," emphasizing the need for strong leadership in cyber defense.
Today, Haugh continues to advocate for cyber security, teaching at Yale and consulting. He believes that if the U.S. does not dominate in this space, China could gain an advantage, impacting the economy through intellectual property theft, increasing intelligence collection, and prepositioning in critical networks, both domestically and with allies.
"We can't let that happen," Haugh concludes, underscoring the urgency of addressing this growing threat.
