Cyberwarfare / Nation-State Attacks ,
Fraud Management & Cybercrime
Analysts Warn of Foreign Adversaries Establishing Presence in U.S. Networks
Experts have raised alarms regarding ongoing large-scale cyber campaigns against U.S. critical infrastructure, primarily orchestrated by China and other foreign adversaries. These operations present minimal risk and consequence to the attackers, as highlighted by cybersecurity analysts during a briefing to lawmakers this week.
The House Homeland Security subcommittee on cybersecurity was urged to reevaluate existing authorities and expedite offensive cyber operations. Analysts argue that adversaries like Beijing interpret their continued access to sensitive U.S. networks as a low-risk strategy within broader geopolitical maneuvers.
This ongoing vulnerability allows foreign operatives to establish footholds within critical infrastructure networks, complicating future conflict scenarios with the United States. Joe Lin, CEO of the cyber warfare startup Twenty, emphasized the inadequacy of the current U.S. posture, stating, “Our response is unnecessarily constrained, particularly in the use of offensive cyber.”
Recent cyber intrusions, particularly targeting U.S. water systems and China’s Volt Typhoon campaign, were cited as direct threats to civilian safety. Analysts advocated for stronger interagency collaboration to counteract these threats, noting existing gaps among military, intelligence, law enforcement, and civil agencies.
According to Frank Cilluffo, director of the McCrary Institute for Cyber and Critical Infrastructure Security, the U.S. cyber policy must transition from reactive measures to a sustained, proactive posture. He elaborated on the necessity for Congress to clarify interagency roles, enhancing information sharing with credible partners in the private sector.
As the White House and Congress deliberate on how cyber operations fit into broader geopolitical strategies, there is a growing consensus that offensive cyber capabilities should play a more central role in the nation’s defense strategy. Analysts point out that Washington has typically viewed such capabilities as tightly controlled tools rather than essential elements of a comprehensive campaign against adversaries.
Calls for an operational shift towards a “defend forward” strategy have gained traction, with some witnesses asserting that Cyber Command’s expanded authorities represent a step towards more aggressive posturing. However, these efforts have yet to coalesce into a unified government approach to deterrence.
As Drew Bagley, vice president at CrowdStrike, noted, nation-states remain relentless in their cyber efforts. He urged the public-private cybersecurity ecosystem to enhance operational tempo regarding malicious infrastructure disruptions. Additionally, the White House has indicated intentions to adopt a more offensive cyber strategy in conjunction with private sector partnerships, marking a significant shift from traditional defensive tactics.
