WSJ Tech News Briefing: How China’s Cyber Threat Looms Over America
Release Date: January 8, 2025
Host: James Rundle
Reporter: Dustin Volz
Introduction
In the January 8, 2025 episode of the Wall Street Journal’s Tech News Briefing, host James Rundle delves into the escalating cyber threats posed by China to the United States. The discussion, led by reporter Dustin Volz, examines the sophisticated and aggressive nature of Chinese cyber activities, their infiltration into critical U.S. infrastructure and telecommunications, and the implications for national security and upcoming U.S. administration policies.
China's Escalating Cyber Aggression
Historical Context and Evolution
Dustin Volz contextualizes China’s cyber aggression by highlighting its longstanding history in cyberspace. "China has always been pretty aggressive in cyberspace and for really 15, 20 years now has been targeting US systems, private sector companies, government agencies," Volz explains (02:07).
Shift in Tactics
While past activities focused on stealing intellectual property and personal data, recent campaigns have shown a disturbing shift towards compromising critical infrastructure. "What's new here and what they're doing now is just different and alarming to senior U.S. intelligence officials because instead of stealing private intellectual property from businesses or just mass quantities of personal data, they're breaking into scores of critical infrastructure systems," Volz notes (02:07).
Major Cyber Operations: Salt Typhoon and Volt Typhoon
Infiltration of Critical Systems
Two significant hacking operations, identified by researchers as Salt Typhoon and Volt Typhoon, have raised alarms among U.S. intelligence officials. These operations have penetrated systems across ports, pipelines, water treatment facilities, and airports. Volz emphasizes the intent behind these breaches: "They’re preparing for a future conflict, likely over Taiwan, and trying to basically deter or intimidate the US from engaging in a hot conflict" (02:07).
Surveillance of Telecom Networks
In addition to critical infrastructure, Chinese spies have infiltrated major U.S. telecommunications providers. This breach allows for extensive surveillance, including the monitoring of text messages and phone calls of government officials and political figures. Volz states, "These two attacks have combined to really put US officials on a new level of concern about what Beijing's been doing" (02:07).
Impact on Critical Infrastructure
Nature of the Intrusions
Volz describes the nature of these intrusions, particularly focusing on the critical infrastructure attacks labeled Volt Typhoon. "They aren't actually disrupting system. They're not taking down airports or slowing systems to a halt or anything like that. But what they are doing is lying in wait," he explains (03:43). This strategy indicates a readiness to cause significant disruption should a conflict arise.
Persistent Threats
The hackers maintain persistent access, with intrusions sometimes lasting months or years without detection. "The inaction there is what's being seen as so alarming by US and Western security officials. Because if they're just lying there and wait, what are their future plans?" Volz questions (04:46).
U.S. Response and Mitigation Efforts
Dismantling the Botnet
In January of the previous year, U.S. officials publicly disclosed cyber activities targeting critical infrastructure and took action to dismantle a related botnet. Volz mentions, "The authorities came out and dismantled that botnet. They made it very clear publicly that they didn't tolerate this activity" (04:56).
Ongoing Detection and Education
Efforts continue to detect compromised systems and educate under-resourced critical infrastructure providers on enhancing cybersecurity measures. "The campaign to educate them continues. They're finding the hackers in more places," Volz states (04:56).
Challenges with Telecom Security
Despite these efforts, the infiltration of telecom networks revealed significant vulnerabilities. Volz explains that many telecom systems were compromised through "unpatched vulnerabilities that were known to the public and known to security analysts and experts" (08:39). This highlights the challenges in securing even well-resourced sectors.
Infiltration of Telecommunications Networks
Extent of Compromise
The breach of major telecom companies, including Verizon and AT&T, underscores the depth of Chinese cyber infiltration. "They were able to hijack large network routers, essentially, and use those to conceal their activity, to cover their tracks, to do a lot of espionage," Volz elaborates (08:39).
Regulatory Response
While other industries received cybersecurity mandates, telecoms were initially excluded under the assumption that they were already well-protected. However, following these breaches, the Federal Communications Commission (FCC) and other bodies are reassessing cybersecurity standards for telecommunications. Volz notes, "The FCC and others are taking a look at what they can do to potentially increase the cybersecurity standards for telecommunications networks" (08:39).
Chinese Government's Stance
Denial of Involvement
China has consistently denied involvement in these cyber intrusions. Volz cites a confrontation where U.S. Secretary of State Antony Blinken presented evidence to Chinese officials, who responded dismissively: "We have no idea what you're talking about. This looks like it might be a criminal ransomware group" (06:46).
Defensive Rhetoric
Chinese officials further claim that the U.S. is the true threat in cybersecurity, stating, "the U.S. government is the true criminal out there when it comes to cybersecurity" (06:46).
Implications for U.S. Administration
Incoming Administration's Challenges
With the resignation of senior cyber officials like Jen Easterly and Harry Coker, the incoming Trump administration faces significant challenges in addressing these pervasive cyber threats. Volz remarks, "It's a huge challenge for the incoming Trump administration" (11:58).
Policy Directions and Political Dynamics
President-elect Donald Trump’s stance on China has been notably tough, but the extent of actionable policy changes remains uncertain. "Officials, including President-elect Trump's nominee to be chairman of the FCC, Brendan Carr, have spoken about the telecom hacks and said it's a priority and that we need to do more to deter China," Volz explains (11:58). However, there is uncertainty about the administration’s support for stringent cybersecurity mandates, given the traditional Republican preference for voluntary measures.
Conclusion
The episode underscores the severe and evolving nature of China's cyber threats to the United States, highlighting the deep penetration into critical infrastructure and telecommunications networks. Despite ongoing U.S. efforts to counter these threats, significant challenges remain, particularly with the transition to a new administration. The persistent and sophisticated nature of these cyber intrusions poses a substantial risk to national security, necessitating continued vigilance and robust cybersecurity strategies.
Produced by Julie Chang, Supervising Producer Catherine Milsock
