China is America’s #1 Cyber Threat
For those of us in the industry this is not a surprise, but to others it may be.
That title used to belong to Russia, but not any more. Russia is busy with a war and while it still is good at launching ransomware attacks, otherwise, it is more than a bit distracted.
China, on the other hand, has become incredibly efficient at stealing our intellectual property. They are less concerned with stealing our money, but they will take that also. Crippling critical infrastructure – that is a priority too.
This is the week of the RSA Conference in San Francisco.
Retired Rear Admiral Mark Montgomery, former director for transnational threats for the US National Security Council spoke at RSA yesterday. He is a guy who, pretty much, is deep in the know.
The US, the Admiral says, has been focused on defense. China has taken advantage of that.
“I think that cyber threat is actually the greatest daily threat to the safety and security of American citizens and in the American way of life and how we do things,” Montgomery said. “I think the Chinese Communist Party has gotten wicked good at this.”
General Mark Montgomery at RSA, April 28, 2025
While the US has 6,400 people working in cyber offense in 2015 – 10 years ago, that number is only up 3 percent to now.
China, on the other hand, has increased its offensive cyber operations by 1,000 percent. It has several hundred thousand cyber attackers.
He also says that our commercial critical infrastructure is a weak spot. While military bases are somewhat hardened, if the Chinese were able to damage local rail or air traffic control, we would be in a world of hurt.
He also points out that while Salt Typhoon (the attack on all of America’s big telcos) had a goal of traditional espionage, it points out how vulnerable our commercial critical infrastructure is.
When might China choose to use this power of disabling our critical infrastructure? How about as a diversion at the time that they invade Taiwan. Look at the chaos yesterday in Spain and Portugal when the power when out. They were able, mostly, to get it back on in a day. If a cyberattack was the source and it was designed to do maximum damage, it could take months to restore it.
All pretty scary. Learn more at the link. Credit: The Register
by 