RSAC Russia used to be considered America’s biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.
This shift was signified by the Volt Typhoon attacks against the US last year, retired Rear Admiral Mark Montgomery told the RSA Conference in San Francisco on Monday.
Volt Typhoon subverted companies supporting US critical infrastructure and Montgomery confirmed reports that Chinese officials had been quite open with the Biden administration in December 2024 that they were responsible.
Montgomery, a former director for transnational threats for the US National Security Council, said that, particularly when it comes to cyber issues, the US has focused on defense as its key strategy. But in doing so, this had allowed other nations to hone their cyber skills, and China has risen to be the key adversary in this vital battleground.
I think the Chinese Communist Party has gotten wicked good at this… we preached that China did intellectual property theft, they did joint venture theft, they did minor espionage. But now we see they’re actually a major player
“I think that cyber threat is actually the greatest daily threat to the safety and security of American citizens and in the American way of life and how we do things,” Montgomery said. “I think the Chinese Communist Party has gotten wicked good at this.”
“For two decades, we preached that China did intellectual property theft, they did joint venture theft, they did minor espionage. But now we see they’re actually a major player, and China’s bold Typhoon penetration really was an opportunity for their hackers.”
Montgomery said that in 2015 the US military had recruited 6,400 people to work in cyber offense, of which 2,100 recruits came from the Navy. That figure had since risen by just 3 percent to around 6,700, while he suggested Chinese offensive staffing levels were up around 1,000 percent over the same timeframe.
The former national security director also noted that while American military bases were relatively safe and well protected – and have dual redundancy in power, water and communications systems – commercial systems are not. So if it came time to move troops around, they would have to do so on relatively unsecured infrastructure. Knock out local rail and air traffic control, and safe troop movements would be very limited.
The US critical infrastructure is currently largely privately owned, and corporations are not very interested in upping protection levels. Incidentally, the traditional metric is that “85 percent” of critical networks are privately owned, but that number had been made up in the 1990s, he said.
“I was at the White House in 1998 where we made the number up. My boss, Dick Clark [the chief counter-terrorism adviser on the National Security Council at the time,] just pulled that number out of his ass,” he recounted. “But mathematically, we’ve now determined it is somewhere between 82 and 86 percent owned and operated by the private sector, state, and local governments.”
Salt Typhoon, carried out in conjunction with Volt Typhoon, was a more traditional Chinese intelligence operation, used to hack communications systems for espionage. But Volt Typhoon was aimed right at the US critical infrastructure and was a demonstration of quite how advanced the Chinese are in this area.
Infosec experts fear China could retaliate against tariffs with a Typhoon attack
So how would China use this power? Montgomery predicted that the typhoon would be unleashed at a critical time in US history to amplify a crisis – and the most likely example would be if, or most likely when, China decided to take Taiwan.
“I think this is about lowering the US public’s confidence in the government and their a