On December 15th, Mike Waltz, the nominee for National Security Advisor selected by the incoming U.S. President Trump, stated that foreign hackers who steal American data will face “higher costs and consequences.” Recently, hackers supported by the Chinese Communist Party conducted large-scale cyber attacks on American telecommunications companies.
Waltz, in an interview with CBS, emphasized the need to take proactive measures against those who continue to steal data and engage in espionage against the United States. He stressed the importance of imposing penalties that involve higher costs and consequences, advocating for a tougher stance in dealing with such cyber threats.
According to Waltz, the intrusion of Chinese hackers into U.S. infrastructure is akin to planting time bombs in critical systems such as water supplies, power grids, and ports, which is deemed unacceptable.
While Waltz did not specify whether the incoming government will impose sanctions on cyber attacks, he highlighted the necessity to adopt different approaches in responding to cyber threats. This includes changing the behavior of aggressors by increasing the costs associated with launching attacks, thus incentivizing them to cease such actions.
Waltz also mentioned the potential role of the private tech industry in aiding the U.S. government in enhancing cybersecurity defenses.
These remarks by Waltz come following U.S. allegations of a large-scale cyber espionage operation by China named “Operation Salt Typhoon.” The hackers targeted the phones and call recordings of senior U.S. political figures, including President-elect Trump and Vice President-elect Pence.
The White House confirmed that at least eight American telecommunications and infrastructure companies were impacted by the cyber attack, resulting in the theft of metadata belonging to many Americans.
President Biden has been briefed multiple times on the cyber attack, with a dedicated task force established within the White House to address the incident. However, as of early this month, none of the eight U.S. companies had successfully removed the hackers from their networks.