China’s very real cyber threat to our critical infrastructure
asane


The lights flickered, then went dark. The hum of the machines fell silent. Air conditioning stopped.

Moments later, the appliances came back to life, the lights were glowing and the cooling air was flowing.

And then, again, nothing – silence, darkness, and the kind of stillness that quickly becomes suffocating.


Before cell service went down, news alerts had announced unexpected outages, even though the autumn evening weather was sublime. And something about a blockade.

The start of a Tom Clancy thriller? Or a warning that a Chinese blockade of Taiwan could produce hurricane-like effects in the US?

The threat is not theoretical: Recent Chinese cyber espionage activity in the US demonstrates its potential to cause domestic unrest by manipulating our civilian infrastructure as a deterrent to US defense of Taiwan should China blockade or invade the island nation, which China considers part of “one China.” China’s People’s Liberation Army (PLA) simulated such a blockade in October, just as the southeastern United States was reeling from the devastation of Hurricanes Helene and Milton.

In the wake of those storms, the infrastructure that everyone takes for granted failed. The power went out. Sewers overflowed. The water was unsafe. Internet and cell phone services were shut down.

And not only did the physical infrastructure fracture, but dangerous fissures quickly opened in the social infrastructure. With gas in short supply, tankers needed police escorts and gas stations required a police presence, all to prevent theft and fights. Arrests for robberies and unlicensed contractor activities were unprecedented. The disinformation following Helene was so pernicious that the Federal Emergency Management Agency established a web page dedicated to debunking it and had to temporarily suspend victim outreach efforts due to threats of violence.

On the same day that Milton made landfall, October 10, conditions were right on the other side of the globe for another type of storm to threaten a vulnerable population. This storm would invade the waters around Taiwan and the skies above it.

Taiwan celebrated its National Day on October 10, a public holiday that dates back to its liberation from imperial rule. Taiwanese President Lai Ching-te delivered a National Day address during which he asserted Taiwan’s sovereignty. Four days later and in direct response to Lai’s speech, the PLA held Joint Sword 2024B, a military operation simulating a blockade of Taiwan and demonstrating multi-domain assault and invasion capabilities.

These capabilities would certainly include cyber warfare directed not only at Taiwan’s military, but also at its civilian infrastructure—and that of its allies, especially the US. That capability was demonstrated on September 26, the same day Hurricane Helene hit Florida, when a storm with another name—Salt Typhoon—made headlines. Salt Typhoon is the name given to the latest in a series of cyber attacks from China on US critical infrastructure and assets. This time, Chinese cyber espionage operators gained access to US telecommunications systems and data.

Salt Typhoon was preceded by the dangerous Volt Typhoon, revealed in January this year. US energy and water systems have been widely penetrated by Chinese cyber attacks. As FBI Director Christopher Wray testified before a House committee, with Volt Typhoon “China is trying to get a head start on US critical infrastructure – setting up back doors to cripple vital assets and systems should China invade Taiwan, thereby limiting our ability to help Taiwan.”

Americans in the Southeast got a preview of the impact of such a move by China with the rapid loss of civil infrastructure services and civility in the wake of Hurricanes Helene and Milton. But hurricanes and other natural disasters don’t hold critical infrastructure hostage. Adversary nation-states do.

If the Joint Sword blockade of Taiwan had been real, the power, gas, water, sewage, and cell service outages that so many in the Southeast were experiencing at the same time the PLA navy surrounded Taiwan could have been caused by “typhoons”, not hurricanes. However, unlike the restoration of service following a hurricane, restoration after disruptions due to Volt Typhoon malware could be contingent, not inevitable.

We need to be more prepared – and strengthened – than we are. As local, state, and federal utilities and agencies continue to recover systems and restore service in the wake of back-to-back hurricanes, national security considerations must be integrated into after-action reports and continuous improvement plans. These would include:

• Assessing internal and external vendor systems for latent malware and remediating as appropriate.

• Identifying and strengthening system access points and system-to-system transfer links with enhanced cyber security solutions.

• Providing ongoing enhanced cyber security awareness training to help keep cyber security risks and mitigation front and center for staff, who are often unwittingly the weakest link in cyber defence.

• Prioritizing physical infrastructure improvements and system redundancies that enable continuity of operations and services even when functionality is affected.

• Routinely conducting mass exercises incorporating malicious actor attacks on systems while engaging in a continuous improvement process that incorporates lessons learned.

• And maintaining the focus and prioritization of the budget on the implementation of these recommendations, even as the blue skies return and the sun shines day after day.

After all, typhoons are just as destructive to the infrastructure we rely on as hurricanes. But so are “typhoons”.

Christopher Hunter, a non-resident senior fellow at the Institute for Global and National Security at the University of South Florida, is a former US Department of Justice federal prosecutor and FBI special agent. He is an adjunct professor at the University of Tampa.


Governance's opinion columns reflect the views of their authors and not necessarily those of Governance's editors or management.