The head of the US Cyber Command warned on June 25th that the Chinese Communist Party (CCP) is actively seeking to undermine the US defense industry and once again pointed fingers at the CCP-supported hacker group “Volt Typhoon”.
According to Air & Space Forces Magazine, General Timothy D. Haugh, commander of US Cyber Command (CYBERCOM) and also director of the National Security Agency (NSA), stated that the CCP is deploying “thousands of intelligence, military, and commercial personnel” to steal US intellectual property and disrupt the business processes of the defense industry.
During his speech at the 2024 AFCEA TechNet Cyber conference, Haugh cited the case of the CCP hacker group “Volt Typhoon,” which infiltrated critical US defense industries through cyber intrusions.
In January, the US Department of Defense released its first Defense Industrial Strategy and in March released the Defense Industrial Cyber Security Strategy. The documents highlighted that the CCP is conducting “targeted operations to weaken US defense operational capabilities and obtain information on sensitive defense industrial technology acquisition plans.”
The CCP has long been trying to acquire high-end technology from US defense companies. In 2019, then-US Defense Secretary Mark Esper accused the CCP of committing “the largest intellectual property theft in human history.” Many experts have long believed that the CCP’s top J-20 fighter jet contains a significant amount of stolen US defense design secrets.
However, Haugh noted that the current “adversary’s scope, scale, and complexity are even greater,” with threats extending beyond intellectual property to disrupting the US defense supply chain and critical defense infrastructure.
He stated, “China is deliberately and continuously challenging us, challenging the US and our allies technologically, while putting US critical systems and national infrastructure at risk, posing a threat to our defense industry.”
When asked about the extent of China’s increasing cyber espionage activities against the US, Haugh noted that the infiltration by “Volt Typhoon” has reached the “most concerning areas.”
“We’re concerned that these targeted actions are aimed at critical national infrastructure and have already threatened these facilities,” Haugh said. “Therefore, this is a very serious issue not just for the US but also for our allies.”
On February 7, several US federal agencies issued a warning, stating that the CCP-backed hacker group “Volt Typhoon” has been accessing some major critical infrastructure in the US over the past five years.
According to the announcement, the CCP-supported hacker group “Volt Typhoon” has been exploiting vulnerabilities in routers, firewalls, and VPNs to attack water, transportation, energy, and communication systems across the US.
In early January, the US government took action by remotely infiltrating thousands of network-connected devices, disrupting the hacking operations of “Volt Typhoon.”
Concerns about “Volt Typhoon” largely focus on how the organization infiltrates civilian infrastructure networks like energy, water, and communication. Other officials have noted that CCP hackers are attempting to penetrate military networks and often target US military bases and nearby industrial facilities.
“Network security is not the top priority for many defense industry contractors,” Haugh said. “It’s not their main focus. These companies are more focused on industrial manufacturing, technological innovation, and development, focusing on creating weapons or related tools that can win wars.”
He recommended that defense industry companies establish closer partnerships with CYBERCOM and NSA to reduce the risk of cyber penetrations.
Meanwhile, the National Security Agency has started providing cybersecurity support to the industry through its Cyber Collaboration Center, a departure from past practices. However, cyber attacks and infiltrations from the CCP will continue, requiring a dynamic, fast-response defense system built on industry networks and on evolving “zero trust” defense standards. Zero trust requires continuous verification of the reliability and authenticity of users and devices, so that network access is rigorously controlled and critical data is protected.
He emphasized that the defense industry must adhere to the same network security best practices to ensure the absolute security and reliability of the defense industrial system.