China continues to pose the most active and persistent cyber threat to the United States and potential threats “are or will be coming in the near future,” a top FBI cybersecurity official warned today.
Todd Hemmen, section chief of the FBI’s Cyber Technical Analytics and Operations, explained that China has also stolen more personal and corporate data from the United States than all other nations combined.
“China is the broadest, most active, and persistent cyber espionage threat,” Hemmen said on May 22 during the Cyber Summit event hosted by Nextgov/FCW and Route Fifty. “It also possesses substantial cyberattack capabilities.”
“China’s cyber program is massive, and the reality is that China shows no signs of slowing down its ambition and reckless aggression in cyberspace,” he added.
Hemmen said these details were recently published in the Office of the Director of National Intelligence’s (ODNI) Annual Threat Assessment, but he offered additional context from the FBI’s perspective.
The report notes that China could leverage “aggressive cyber operations” to cause chaos in the United States, targeting U.S. critical infrastructure and military assets.
“ODNI’s Annual Threat Assessment made clear that Beijing is working to meet its goal of fielding a military by 2027 to deter U.S. intervention in a crisis between China and Taiwan,” Hemmen said. “2027 is not far away, and Beijing’s sprinting toward that goal means a lot of potential threats are or will be coming in the near future.”
Hemmen pointed to a People’s Republic of China state-sponsored cyber actor, known as Volt Typhoon, as “an especially impressive operation.”
During the FBI’s recent Volt Typhoon investigation, the bureau found that the Chinese government had compromised multiple U.S. critical infrastructure organizations. However, the FBI collaborated with private sector partners to remove Volt Typhoon’s malware from the U.S.-based routers it had infected and prevent reinfection.
Hemmen stressed the importance of similar public-private partnerships when it comes to cybersecurity, which he called “the ultimate team sport.”
“We are really good at combating cyber threats, but we don’t know everything our cyber adversaries are doing,” Hemmen said. “Our agents, analysts, and professional staff need your help to fill in information and intelligence gaps so that together, we can strengthen our collective cybersecurity and impose costs on our adversaries.”
“If you do suffer or suspect a compromise, call us immediately. I cannot overemphasize how much the need for speed to report matters, especially when it comes to a cyberattack initiated by a foreign adversary,” he added. “You may be seeing the first indication of a broader campaign, and we need you to reach out if you see something suspicious or are experiencing a problem. We cannot protect and defend our nation if we don’t hear about it, and if we don’t hear about it, we can’t share information and educate our partners.”