The Trump administration is determined to mount offensive cyber operations to combat escalating threats from China, a leading House Republican said on March 5.
Rep. John Moolenaar, R-Mich., chair of the House Select Committee on the Chinese Communist Party (CCP), said the new administration “has already shown a willingness to take a more aggressive stance in cyberspace.”
Top Trump advisors and the White House National Security Council, Moolenaar said, are “signaling that America is no longer only playing defense. We are actively engaging to erode our adversaries’ cyber capabilities.”
His comments, which came at a committee hearing on deterring Chinese cyber threats, represented what Moolenaar called “one glimmer of good news” in an otherwise foreboding security landscape.
“As we speak, the Chinese Communist Party is waging a full-scale cyber war against the American people, an attack on our security, our infrastructure, and our way of life,” Moolenaar said. “The CCP has targeted the grids that power our homes, facilities that treat our water, and the hospitals that care for us.”
Even as Moolenaar praised the administration’s cybersecurity focus, however, a long-time security veteran testified at the hearing that the government’s recent firing of thousands of probationary and other Federal workers could have the opposite effect of endangering U.S. cybersecurity.
“I want to raise my grave concerns that the aggressive threats to cut U.S government probationary employees will have a devastating impact on the cybersecurity and our national security at my former agency,” said Rob Joyce, former director of cybersecurity at the National Security Agency.
Joyce linked the firings, spearheaded by Elon Musk’s Department of Government Efficiency, directly to the cyber deterrence campaign against China. “Eliminating probationary employees will destroy a pipeline of top talent essential for hunting and eradicating PRC threats.” he said.
The hearing took place amid bipartisan concerns about what law enforcement officials have called a comprehensive Chinese campaign to target U.S. critical infrastructure through cyber operations.
Those concerns escalated in February 2024 when the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and other agencies issued an advisory warning that that a PRC state-sponsored hacking group known as Volt Typhoon had compromised the IT environments of multiple U.S. critical infrastructure organizations – with the goal of preparing for future cyberattacks.
In response, the agencies called on all organizations to urgently implement a series of cybersecurity improvement actions.
That was followed last fall by the Salt Typhoon breach in which a China-linked hacking group infiltrated commercial telecommunications infrastructure to target then-President-elect Donald Trump; then-Vice President-elect Sen. JD Vance, R-Ohio; and associates of Vice President Kamala Harris.
Also in the fall, yet another Chinese hacking group – Flax Typhon – emerged as a fresh threat. Christopher Wray, then the FBI director, revealed in September that the bureau had taken the group offline after it targeted critical infrastructure in the U.S. and overseas.
FBI officials said Flax Typhoon had similarities to Volt Typhoon but also a key difference – the group hijacked internet of things devices like cameras.
At the March 5 House hearing, titled “End the Typhoons: How to Deter Beijing’s Cyber Actions and Enhance America’s Lackluster Cyber Defenses,” committee members and witnesses expressed particular concern about Salt Typhoon and Volt Typhoon.
“Salt Typhoon was one of the worst hacks in American history, a truly unprecedented intelligence breach,” said Ranking Member Raja Krishnamoorthi, D-Ill. “And it came just one year after this committee held a hearing on Volt Typhoon, an equally devastating hack, where we learned that China has pre-positioned vulnerabilities in our critical infrastructure.”
As for how to combat the cyber threat from Beijing, Rep. Neal P. Dunn, R-Fla., echoed Moolenaar’s endorsement of offensive cyber actions and said the Trump administration is prepared to act aggressively to disrupt Chinese capabilities.
The administration and Congress must “effectively and decisively put a stop to the PRC’s insidious cyber operations,” Dunn said. “We can no longer afford to be reactive. I think we need to be proactive.”
Krishnamoorthi emphasized more defensive measures, saying the nation should increase its cybersecurity talent pipeline and hold telecommunications companies accountable for meeting rigorous cybersecurity standards.
“We’re going to bolster our defenses and invest like never before in our nation’s cybersecurity,” Krishnamoorthi said.
Joyce called for a mix of offensive and defensive actions, an “integrated arsenal” that includes offensive cyber operations, targeted economic sanctions, criminal indictments, diplomatic pressure, and intelligence sharing with U.S. allies.
“No single approach will achieve effective deterrence,” said Joyce. And he said China is approaching “peer status” with the United States in cyber capabilities.
“They get better through experience,” Joyce said.