Communist China is at war with the U.S.
This war has been going on for years.
It’s a secret, silent war that most Americans don’t know about.
But it’s a war that impacts everyone because it affects products and services we all use every day.
And our federal government isn’t prepared to defend us.
Communist China is attacking the U.S. with advanced cyber capabilities that we are not yet able to stop.
Here are 6 things you need to know about the types of cyber-attacks that Communist China is capable of:
- Communist China attacks our infrastructure.
Volt Typhoon is a Chinese cyber campaign that has been active since at least mid-2021.
It targets U.S. critical infrastructure, including communications, energy, transportation, water, and wastewater systems.
It exploits vulnerabilities in outdated or unsecured devices like routers, firewalls, and VPNs, using “living off the land” techniques to blend into normal network activity and evade detection.
In 2023, Volt Typhoon hackers breached a Massachusetts utility and maintained access for nearly 300 days.[1]
In December 2024, Chinese officials indirectly admitted involvement during a Geneva meeting, framing the attacks as a response to U.S. support for Taiwan.[2]
The U.S. disrupted parts of Volt Typhoon’s botnet in 2023 and 2024, but the group remains persistent, exploiting weak cybersecurity in critical sectors.
- Communist China attacks our telecommunications networks.
Another Chinese hacker group known as Salt Typhoon has been launching cyberattacks against the U.S. telecommunications industry since 2022.
The attacks went undetected for two years.
At least nine U.S. telecom firms were confirmed to have been compromised by December 2024, including Verizon, AT&T, Lumen Technologies, and T-Mobile, among others.[3]
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) began investigating the attacks in the spring of 2024.
The White House established a Cyber Unified Coordination Group (Cyber UCG) in October 2024 to coordinate U.S. government responses to the attacks.
The Federal Communications Commission (FCC) announced measures in December 2024 to mandate telecom carriers to secure their networks, including enforcing baseline cybersecurity standards and requiring independent audits.[4]
Senator Ron Wyden (D-OR) introduced the Secure American Communications Act in December 2024 to address the vulnerabilities in U.S. telecom networks.
- Why telecom companies are a favorite target of CCP hackers.
Three of the primary motivations for cyberattacks on telecom companies are:
- Supply-Chain disruption
- Stealing sensitive data
- Intelligence espionage
Supply-chain disruption. This exposes and compromises third-party vendors or service provides who use the telecom network.
Stealing sensitive data. This includes customer personal information, call records, communication metadata, and proprietary company information.
Intelligence espionage. This is one of the primary motivations of CCP-sponsored groups. The goals are to gather information on political figures, monitor activities, access the data of government agencies, and potentially interfere with national security operations.[5]
Hacking into the telecom infrastructure allows hackers to compromise sensitive information, disrupt operations, and even influence global geopolitical trends.
- Communist China attacks our banking system.
In November 2023, the U.S. financial services division of the Industrial and Commercial Bank of China (ICBC), the world’s largest bank, was hit by a ransomware attack.[6]
The attack disrupted the trading of U.S. Treasuries and forced manual trade settlements, which impacted market operations.
Although ICBC is a Chinese bank, its U.S. arm was the target, and the attack raised concerns about vulnerabilities in the financial sector.
- Communist China attacks U.S. businesses.
Chinese CCP-sponsored hackers conduct cyber espionage to steal trade secrets and intellectual property from American companies.
The U.S. Department of Justice (DOJ) charged seven Chinese nationals in March 2024 with a 14-year hacking campaign targeting U.S. businesses,
These efforts are often linked to advanced persistent threat groups like APT31, aimed at economic espionage rather than direct disruption.[7]
- Communist China attacked the U.S. Treasury.
In December 2024, the CCP launched a cyberattack against the Office of Foreign Access Control (OFAC) and the Office of the Treasury Secretary.[8]
Both of these U.S. offices had placed economic sanctions on Chinese companies earlier in 2024 that had engaged in cyberattacks and/or had supplied Russia with weapons for their war with Ukraine.[9]
Conclusions:
All of these various types of cyberattacks are being launched against other countries in addition to the U.S. – especially Taiwan.
Taiwan estimates that their government networks experienced 2.4 million cyberattacks daily in 2024 – double the number of the previous year.[10]
One of the CCP’s goals in attacking U.S. infrastructure industries is to disrupt military supply lines and to distract and therefore hinder the U.S. from providing an effective response to any future conflict with China – especially over Taiwan.[11]
Stay tuned for future reports about the AI “arms race” with China, and about our dangerous dependence on Communist China for rare earth elements and pharmaceuticals.
What do you think? Email me at [email protected].
[1] Jonathan Greig, https://therecord.media/volt-typhoon-hackers-utility-months
[2]Edward Kovacs, https://www.securityweek.com/china-admitted-to-us-that-it-conducted-volt-typhoon-attacks-report/
[3] https://socradar.io/cyber-attacks-telecommunication-industry-2023-2024/
[4] Anna Ribeiro, https://industrialcyber.co/threats-attacks/us-fcc-mandates-telecom-security-upgrades-to-counter-cyber-threats-from-china/
[5] https://socradar.io/cyber-attacks-telecommunication-industry-2023-2024/
[6] Pete Schroeder and Zeba Siddiqui, https://www.reuters.com/world/china/chinas-largest-bank-icbc-hit-by-ransomware-software-ft-2023-11-09/
[7] https://www.justice.gov/archives/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived
[8] https://thesoufancenter.org/intelbrief-2025-january-10/
[9] Ibid.
[10] Ibid.
[11] Ibid.