The evolution of China's cyberespionage tactics.

The Cybersecurity and Infrastructure Security Agency (CISA) states that while China remains the most active and persistent cyberthreat to American critical infrastructure, the nature of the threat has evolved over the past two decades.

Cris Thomas, also known as Space Rogue, stated during testimony before the Governmental Affairs Committee on May 19, 1998, that while it may not be possible to create a completely foolproof system, the objective should be to make it extremely difficult to breach.

L0pht Heavy Industries was among the first groups to testify in Congress about cybersecurity threats. They warned that it was possible to bring down the internet in just 30 minutes and that creating a completely secure defense system was nearly impossible. Additionally, they faced challenges in tracing the origins of cyber threats.

""Reverse hacking and backtracking can be challenging due to the outdated protocols being used. Since there is limited information on the origin of these protocols, it is difficult to determine where things came from, only that they did," stated Peiter Zatko, also known as "Mudge," during his testimony."

The U.S. government became aware of Chinese espionage targeting government entities in the early 2000s. One string of operations known as Titan Rain started as early as 2003 and included hacks on the U.S. departments of State, Homeland Security and Energy. The public became aware of the attacks several years later.

At that point, the CISA Director, Jen Easterly, was dispatched to Iraq to probe into the use of advanced technology by terrorists.

Easterly began his career in counterterrorism and was deployed to Iraq, where he witnessed terrorists utilizing communications technologies for recruitment, radicalization, and operationalizing improvised explosive devices.

The U.S. government shifted its focus from investing in cyberwarfare to adopting a more defensive stance that prioritized protecting against attacks, after officials raised concerns about the potential harm caused by computer network attacks.

"Easterly stated that when he was part of the Army's first cyber Battalion and helped establish U.S. Cyber Command, the focus was on nation-state adversaries, particularly China, who posed an espionage threat."

In the early 2000s, China's cyber operations primarily involved spying on government agencies.

In 2007, Sen. Kit Bond, R-Mo., warned that China's aggressive and extensive espionage poses the greatest threat to U.S. technology.

Since China has a history of spying on U.S. innovation and using it to replicate its own infrastructure, in 2009, Chinese hackers were suspected of stealing information from Lockheed Martin’s Joint Strike Fighter Program. Over the years, China has debuted fighter jets that look and operate like U.S. planes.

"Easterly stated that China is the greatest danger to the U.S. and that their primary focus is on identifying and eliminating Chinese activity, as well as safeguarding critical infrastructure from Chinese cyber actors."

In 2010, China shifted its focus to the public sector and began targeting telecommunications companies. In 2011, Operation Aurora was a series of cyberattacks in which actors conducted phishing campaigns and compromised the networks of companies like Yahoo, Morgan Stanley, Google, and dozens more. Google left China after the hacks and has yet to return its operations to the country. By the end of the decade, evidence emerged that China was also spying on critical infrastructure in the U.S. and abroad.

Easterly stated that he was surprised to see the campaign as a threat to conduct disruptive and destructive operations in the U.S., which is an evolution he was not tracking.

In the past decade, Taiwan has been a favorite target of China's frequent attacks on trade and military operations in the South China Sea, as revealed by the Council on Foreign Relations Cyber Operation Tracker.

"Easterly stated that the actors we have observed are digging deep into our critical infrastructure, not for the purpose of espionage or data theft, but rather to prepare for disruptive or destructive attacks in the event of a crisis in the Taiwan Strait."

All companies in the semiconductor supply chain from mining to producers have been spied on by China, as shown by data.

The potential consequences of a war in Asia on American lives are alarming. Pipelines could explode, trains could derail, and water could become polluted. This is part of China's plan to create chaos and hinder our military capabilities. Easterly believes this is the most serious threat he has encountered in his career.

In contrast to the U.S., where partnerships are crucial for defense, China's public and private sectors are closely linked through regulation.

Easterly stated that although it is a team sport, they collaborate closely with their intelligence community and military partners at U.S. Cyber Command to ensure they are utilizing all government tools and working with private sector partners.

"The private sector owns the vast majority of our critical infrastructure and is on the front lines of it. Therefore, it is crucial to have robust operational collaboration with the private sector to ensure the safety and security of cyberspace."