The testimony of Mr. Wray and Ms. Easterly was disturbing. Ms. Easterly described China's actions starkly, saying: “This is truly an 'everything everywhere, all at once' scenario.”
In military operations, this type of pre-conflict action is known as “battlefield operational preparation”, sometimes shortened to “forward force operations”.
The tip of the spear for such actions by the Chinese Communist Party is the seemingly mundane Strategic Support Force (SSF), the People's Liberation Army's equivalent of US Special Operations Command plus parts of the NSA and CIA, an intelligence agency all in one. Fentanyl operators and Chinese paramilitaries who cross the unsecured southern US border could also be traced to the SSF.
The first outbreak of Chinese malware was observed in Guam
Although the recent testimony by Mr. Wray and Ms. Easterly was shocking, it was a recycled news event. Volt Typhoon, the name of the hacking group that Mr. Wray and Ms. Easterly were referring to, was first reported publicly about a year ago. It was announced by Microsoft in May and then appeared again around July. Volt Typhoon received some attention, but initial public reports were still in the shadow of the initial Chinese spy balloon episodes, and their significance may not have been fully understood.
Initial reports of the malware situation were somewhat “technical” and the seriousness of the situation was glossed over. There is a well-developed process and protocol in various environments for information exchange, such as the Persistent Security Framework, which is one of the high-level entry points for information exchange between industry and government. Trending new cyber issues are presented here for discussion, and response actions are planned and implemented.
The effects of Volt Typhoon can be catastrophic and extremely significant. The eight major floating drydocks that the U.S. Navy and defense industrial base rely on for new construction and ship repair were either built in China or likely will be equipped with engines, pumps or valves from China and could capsize if improperly submerged. Spy cranes are also a related security vulnerability and can fall over while in motion if remote security features are bypassed. The US government is trying to study and organize a response to this large-scale operation of Chinese advance forces that aims to prepare the cyber battlefield and disrupt America's critical infrastructure.
National Defense Authorization Act Section 1088: Tabletop exercise on attacks on critical infrastructure
Buried in Section 1088 of the National Defense Authorization Act of 2023 (signed into law in December 2022) is language that is easy to overlook. It was a tip-off that things were getting serious regarding the Chinese attack on the cyber playing field.
The national tabletop exercise is essentially a gathering of senior government officials, think tanks and industry representatives to meet and study various scenarios and develop the best courses of action to respond to the identified threat. The language put the Department of Defense in the lead, undersecretary of the Department of Homeland Security.
The description of the tabletop exercise was to “assess the resiliency of U.S. domestic critical infrastructure supporting U.S. military requirements in the event of a military emergency related to Taiwan.” When precise directive language is provided in legislation (now enacted law), it usually indicates extensive coordination in advance between the executive and legislative branches.
To further decipher the language of government, the leaders of Congress and the executive branch were very concerned and had been talking for months, perhaps years, on the subject and have now agreed to act. A classified report has likely been delivered to Congress, and more action has been taken to protect America's critical infrastructure.
Effective cybersecurity depends on using all tools of national power
Cybersecurity is often thought of as protected access points to the Internet, internal scanning for malware, and key measures like two-factor authentication. All this is true, but one of the most effective methodologies to ensure cybersecurity is the effective application of all tools of national power – diplomatic, informational, military, economic, financial, intelligence and law enforcement (DIMEFIL). Using non-cyber means to deter, and if necessary punish, is one of the most effective ways to prevent aggressive hackers like the Chinese regime from penetrating U.S. critical infrastructure.
The Trump team knew this and implemented DIMEFIL very effectively. The Biden team appears reticent to use the most effective tools, such as US economic and financial tools of national power against China.
All views are personal and do not reflect the views of any organization.
This article first appeared in the Epoch Times and is reprinted with permission.