Why China has replaced Russia as the top U.S. cybersecurity threat
In recent developments, China has emerged as America's primary cyber threat, according to former Rear Admiral Mark Montgomery.
Speaking at the RSA Conference, he highlighted the increasing effectiveness of Chinese cyber operations, particularly citing the Volt Typhoon attacks last year that targeted US critical infrastructure. He noted that Chinese officials acknowledged their involvement to the Biden administration in December 2024.
Montgomery, who has extensive experience with the US National Security Council, explained that for years, the US has prioritised defensive strategies. This approach has left room for adversaries, particularly China, to sharpen their offensive cyber capabilities significantly.
"I think the Chinese Communist Party has gotten wicked good at this," he asserted, reflecting on how they have graduated from intellectual property theft to more serious cyber operations.
He recalled that in 2015, the US military brought in about 6,400 personnel for cyber offensive work, with only a modest increase since then. In stark contrast, China’s offensive capabilities have reportedly skyrocketed by around 1,000 percent within the same period. Montgomery pointed out that while military installations are well protected, US commercial systems, which form much of the critical infrastructure, are often vulnerable. This raises serious concerns about troop movements during crises involving local rail and air traffic, which could be compromised.
A notable fact that Montgomery recalled was the often-cited figure that 85 percent of critical networks are privately owned. He revealed that this number was an arbitrary estimate made during his time at the White House in 1998. Most recently, it was clarified that around 82 to 86 percent of critical networks are indeed controlled by private and local government entities. Many of these corporations display little interest in enhancing their security measures, despite the growing cyber threats.
Looking forward, Montgomery warned about potential retaliation from China, especially in the context of tariffs or geopolitical tensions. He speculated that an attack could unfold at a strategically crucial moment, such as a possible conflict over Taiwan, aiming to undermine public confidence in the US government amidst a crisis. "If your ATM isn't working or services are disrupted, it’s hard to rally Americans around a military crisis overseas," he indicated.
While Russia has been seen as a prior threat in cyberspace, Montgomery noted that its resources are limited in comparison to China's robust and well-resourced cyber operations. He also dismissed concerns about North Korea, labelling them as a "cyber gang masquerading as a nation state," and assessed Iran as less of a formidable threat despite its capabilities.
