Foreigners could seriously disable U.S. information technology networks, even if America used every available resource to defend itself. This is the dire conclusion a former defense expert reached after reviewing the nation’s cyber security protections.
Nicolas Chaillan is deeply concerned hackers could force the United States to its knees. The former U.S. Air Force chief software officer warns a new alliance between mainland China and Russia could topple America’s cyberinfrastructure.
“Not many nations would be able to push back, I do not even think the United States would be able to push back if tomorrow Russia and China decide to come together against us,” he said, according to Fox News.
“I think it would be very tricky and very difficult for us to be able to even have a fighting chance, let alone a nation like Ukraine,” he added.
Chaillan believes those superpowers would arguably consider U.S. critical infrastructure an easy target. The resulting service outages could last for “weeks if not months.”
“[Cyber defense for] power and water systems is at the kindergarten level, it would be very impactful to U.S. citizens if something were to happen [and] I can tell you they could potentially take down the grid,” he said, according to the broadcaster.
“If we start providing cyber offensive capabilities [to Ukraine] nothing stops Russia from fighting back and going after our critical infrastructure,” he added.
‘Scared about China’
The former Pentagon official and founder of “Prevent Breach” believes China and Russia have still not demonstrated their entire arsenal to the world. Instead, they have only displayed minimal technological capabilities.
“When it comes to Russia they have not used the most innovative capabilities yet, they are focusing on the more traditional warfighting capabilities … [and] it is easy to discount it now,” he said.
“President [Vladimir] Putin is not stupid, we may not yet understand what his plan was all along [and] I would urge people not to just discount–this is not the full force of the Russian capabilities.”
Chaillan described the Chinese Communist Party’s (CCP’s) complete arsenal as alarming.
“Honestly, I am way more scared about China,” he said.
He also warned the CCP could potentially work with the Kremlin to share space technology or intelligence about foreign enemies.
“The most advanced Chinese capability that they would consider giving away first would probably be some of the satellite defense capabilities, [and] then you also have some artificial intelligence and machine-learning capabilities that could be used to look at satellite imagery–and find where troops are located,” he said.
Such information could give Russian forces a “real-time analysis” of what happens during the country’s border dispute with Ukraine. It could also help track down Ukrainian President Volodymyr Zelensky, arguably a “primary target.”
“All [of] these technologies can be used for looking at massive amounts of data and be able to analyze it rapidly, efficiently and come up with a conclusion that humans would not be able to make rapidly,” he said.
“Even [for] just data provided back to Russia, without even giving access to the capabilities themselves, I would not even be surprised if it is already being shared and used.”
Joint military exercise
These concerns are more relevant after China and Russia held their first joint military exercise since Moscow proposed invading Ukraine.
Air forces from each country conducted a joint aerial patrol on May 24, over the Sea of Japan and south toward the East China Sea–and the Philippine Sea. U.S. agencies believe Chinese naval vessels also participated.
Two Chinese H-6 bombers, two Russian fighter jets, and two Russian Tu-95 bombers reportedly entered South Korea’s air defense identification zone at 7:56 a.m., off the Korean Peninsula’s southwestern shore, without intruding into South Korean airspace.
They joined four Russian planes. Six planes entered the South Korean zone between 9:58 a.m. and 10:15 a.m. without entering South Korea’s territorial airspace.
The South Korean military sent fighter jets before Chinese and Russian bombers entered the zone and “took tactical measures to guard against emergencies,” according to a statement obtained by the New York Times.
Four Chinese military aircraft and two Russian warplanes later patrolled the area between Jeju Island in South Korea and Kyushu Island, Japan.
Japanese fighter jets conducted surveillance and deterred bombers near the country’s airspace. However, none of the planes intruded into Japanese territory.
These strategic bomber flights were complex, planned well in advance, and coincided with President Joe Biden’s official visit to Tokyo on May 24. Biden held talks at the so-called Quad coalition meeting with his counterparts from Australia, Japan, and India.
They aimed to counter Chinese foreign influence in the Indo-Pacific region. However, the joint military action suggests China and Russia enjoy a strong partnership despite the latter’s deadly conflict with Ukraine.
“We regard the military exercise conducted in the midst of the summit meeting between Japan, the United States, Australia and India as intending to show a demonstration of force against Japan, which hosted the meeting,” Japanese Defense Minister Nobuo Kishi said, according to the paper.
“The fact that this activity was held in the midst of the Quad summit meeting is deemed more provocative than other drills in the past [and,] when the international community is responding to Russia’s invasion of Ukraine, China is acting together with the aggressor, Russia—we cannot help but be concerned about this and cannot overlook it,” he added.
Prime Minister Fumio Kishida hopes the Asia-Pacific will never face the same sort of conflict as the one between Russia and Ukraine.
“Russian invasion into Ukraine squarely challenges the principles which are enshrined in the United Nations Charter [and] we should never, ever allow a similar incident to happen in the Indo-Pacific,” he said.
Beijing recently extended diplomatic and rhetorical support to Moscow. The CCP denounced the North Atlantic Treaty Organization and repeated Putin’s view that NATO’s expansion threatens global stability. The Chinese regime also echoed Russian propaganda about the Pentagon allegedly funding a biological weapons laboratory in Ukraine.
Putin previously attended the 2022 Beijing Winter Olympics and met with CCP leader Xi Jinping. The pair marked the occasion with a 5,000-word announcement that their partnership has “no limits.”
A Western intelligence report claims senior CCP officials asked their Kremlin counterparts to postpone invading Ukraine until after the Winter Olympics. Then one day after the closing ceremony, Putin announced Ukraine should not enjoy sovereignty. He then increased the Russian military presence near the Donbas region in eastern Ukraine. A significant invasion started three days later, according to the paper.
China has already purchased advanced weapons from Russia. The two countries earlier held joint naval drills off the Russian Far East in October 2021. Three months later, they joined Iran for similar exercises in the northern Indian Ocean. China and Russia also conducted joint military patrols in late 2020 and late 2019.
This growing military partnership has some U.S. officials worried that the CCP might invade Taiwan. So they tried to convince the Taiwanese government to purchase more American-made weapons to give the island a “fighting chance” against a possible sea invasion.
Biden claims the United States will use military force to protect Taiwan if the CCP intrudes. However, White House officials claim America still recognizes the so-called “one China” policy despite the Taiwan Relations Act requiring the federal government to supply weapons for the island’s self-defense.
Biden lately stressed his “steadfast” commitment to a “free and open” Indo-Pacific that is inclusive and resilient.
“The Quad is committed to cooperation with partners in the region who share the vision of a free and open Indo-Pacific,” Biden said in a statement.
“We strongly support the principles of freedom, rule of law, democratic values, sovereignty and territorial integrity, peaceful settlement of disputes without resorting to threat or use of force, any unilateral attempt to change the status quo, and freedom of navigation and overflight–all of which are essential to the peace, stability and prosperity of the Indo-Pacific region and to the world.”
President Biden revealed he and fellow Quad delegates agreed that “peace and stability” must be maintained in the Indo-Pacific region, and countries should seek “peaceful” dispute resolution processes.
“We underscored unequivocally that the centerpiece of the international order is international law, including the United Nations (UN) charter, respect for sovereignty and territorial integrity of all states,” he said.
“We will continue to act decisively together to advance these principles in the region and beyond [plus] we reaffirm our resolve to uphold the international rules-based order where countries are free from all forms of military, economic, and political coercion,” he added.
Biden supported the UN Convention on the Law of the Sea, freedom of navigation, and overflight in the East and South China seas.
“We strongly oppose any coercive, provocative or unilateral actions that seek to change the status quo and increase tensions in the area, such as the militarization of disputed features, the dangerous use of coast guard vessels and maritime militia, and efforts to disrupt other countries’ offshore resource exploitation activities,” he said.
He also welcomed the Indo-Pacific Partnership for Maritime Domain Awareness (IPMDA) initiative, which invites regional partners to address illegal fishing, humanitarian issues, and natural disasters.
“IPMDA will support and work in consultation with Indo-Pacific nations and regional information fusion centers in the Indian Ocean, Southeast Asia, and the Pacific Islands by providing technology and training to support enhanced, shared maritime domain awareness to promote stability and prosperity in our seas and oceans,” he said.
“IPMDA embodies what the Quad stands for: catalyzing our joint efforts towards concrete results that help to make the region more stable and prosperous,” he added.
Countering cyber threats
The president hopes holding more frequent Quad meetings will create more opportunities to counter cyber threats.
“We recognize an urgent need to take a collective approach to enhance cybersecurity. … commit to improving the defense of our nation’s critical infrastructure by sharing threat information, identifying and evaluating potential risks in supply chains for digitally enabled products and services, and aligning baseline software security standards for government procurement. Leveraging our collective purchasing power to improve the broader software development ecosystem so that all users can benefit,” he said.
Quad partners will also promote capacity-building programs under their cybersecurity partnership. The inaugural Quad Cybersecurity Day will help individual internet users in the Indo-Pacific region and beyond protect themselves from cyber threats.
“We will advance interoperability and security through the signature of a new memorandum of cooperation on 5G supplier diversification and open radio access networks (RANs),” Biden said.
“We are also deepening our engagement with industry, including through open RAN track 1.5 events, and exploring ways to collaborate on the deployment of open and secure telecommunications technologies in the region,” he added.
The next in-person summit will be held in Canberra, Australia, in 2023.
Malicious activity jumps
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently released a joint cybersecurity advisory called “Russian state-sponsored and criminal cyber threats to critical infrastructure.”
The document warned the Russia-Ukraine conflict could increase malicious cyber activity due to “unprecedented economic costs” imposed on the latter and “materiel support” from the United States, allies, and partners.
This activity can include distributed denial-of-service (DDoS) attacks and destructive malware like BlackEnergy or NotPetya. In addition, some cybercrime groups publicly pledged support for the Russian government and threatened to conduct cyber operations for “perceived cyber offensives against the Russian government or the Russian people.”
“Some groups have also threatened to conduct cyber operations against countries and organizations providing materiel support to Ukraine [while] other cybercrime groups have recently conducted disruptive attacks against Ukrainian websites, likely in support of the Russian military offensive,” the joint cybersecurity advisory said.
CISA declared the following Russian government and military organizations are “cyber threat actors”:
- Federal Security Service (FSB)
- Foreign Intelligence Service
- GRU’s Main Center for Special Technologies (GTsST)
- Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics
- General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center.
“FSB, the KGB’s successor agency, has conducted malicious cyber operations targeting the Energy Sector,” the advisory said. The targets included United Kingdom and U.S. energy companies, U.S. aviation organizations, U.S. government and military personnel, private organizations, cybersecurity companies, and journalists.
“FSB has been known to task criminal hackers for espionage-focused cyber activity [and] these same hackers have separately been responsible for disruptive ransomware and phishing campaigns,” it added.
The agency revealed that Russian-aligned cybercrime groups are usually financially motivated and seek to “exploit human or security vulnerabilities to enable direct theft of money … or by extorting money from victims.”
Some of these groups allegedly include:
- Salty Spider
- Scully Spider
- Smokey Spider
- Wizard Spider
- Mummy Spider
- The Xaknet Team
- The CoomingProject.
CISA recommends updating software, enforcing multifactor authentication, securing and monitoring remote desktop protocols and other potentially high-risk services, and providing end-user awareness and training.
Employees should be aware of potential cyber threats, delivery methods, what to do, and whom to contact during a cyberattack.
Workplaces should have a cyber incident response plan with ransomware- and DDoS-specific annexes. Printed copies of the incident response plan should be made available to help responders and network defenders when ransomware shuts down a network.
Offline data backups should be maintained on a frequent, regular basis of at least once every 90 days. In addition, backup procedures should be regularly tested and isolated from network connections that could enable malware to spread.
All backup data should be encrypted, immutable, and cover the entire organization’s data infrastructure, focusing on critical data assets.
CISA separately published a China cyber threat overview and multiple advisories. The documents expose the CCP’s “malicious” cyber activities as an underhanded bid to pursue national interests.
“China is conducting operations worldwide to steal intellectual property and sensitive data from critical infrastructure organizations, including organizations involved in healthcare, pharmaceutical, and research sectors working on COVID-19 response,” the CISA website said.
“The Chinese government targeted, and continue[s] to target, a variety of industries and organizations in the United States including healthcare, financial services, defense industrial base, energy, government facilities, chemical, critical manufacturing (including automotive and aerospace), communications, IT (including managed service providers), international trade, education, video gaming, faith-based organizations, and law firms,” it added.
The U.S. Office of the Director of National Intelligence’s 2021 Annual Threat Assessment identified the CCP as a “prolific and effective cyber-espionage threat” with substantial cyber-attack capabilities.
The assessment is based on the rising number of cyberattacks against the U.S. homeland, suppression of U.S. web content that Beijing considers a threat to its “internal ideological control,” and worldwide expansion of “technology-driven authoritarianism.”
“We continue to assess that China can launch cyberattacks that, at a minimum, can cause localized, temporary disruptions to critical infrastructure within the United States,” the report said.
“China’s cyber espionage operations have included compromising telecommunications firms, providers of managed services and broadly used software, and other targets potentially rich in follow-on opportunities for intelligence collection, attack, or influence operations.”
The assessment also discovered the CCP is using technology to monitor and censor underground Christians, Tibetan Buddhists, Falun Gong adherents, Uighur native people, and other prisoners of conscience.
“China leads the world in applying surveillance systems and censorship to monitor its population and repress dissent, particularly among ethnic minorities,” it said.
Intrusions reach US soil
These activities are not confined to mainland China but have also been reported in the United States and other countries.
“Beijing conducts cyber intrusions that affect U.S. and non-U.S. citizens beyond its borders–such as hacking journalists, stealing personal information, or attacking tools that allow free speech online–as part of its efforts to surveil perceived threats to CCP power and tailor influence efforts,” the document said.
“China will continue expanding its global intelligence footprint to better support its growing political, economic, and security interests around the world, increasingly challenging U.S. alliances and partnerships. Across East Asia and the western Pacific, which Beijing views as its natural sphere of influence, China is attempting to exploit doubts about the U.S. commitment to the region, undermine Taiwan’s democracy, and extend Beijing’s influence,” it added.
The Office of the Director of National Intelligence suspects the CCP even tried to meddle in elections across America.
“Beijing has been intensifying efforts to shape the political environment in the United States to promote its policy preferences, mold public discourse, pressure political figures whom Beijing believes oppose its interests, and muffle criticism of China on such issues as religious freedom–and the suppression of democracy in Hong Kong,” it said.
These sentiments were echoed in the office’s 2021 annual threat assessment of the U.S. intelligence community. It revealed the CCP stifles “free speech” on the internet by targeting foreign media, large technology companies, and spiritual group members. It’s all part of a broader effort to surveil and influence foreign populations.
“Authoritarian and illiberal regimes around the world will increasingly exploit digital tools to surveil their citizens, control free expression, and censor and manipulate information to maintain control over their populations,” the report said.
“Authoritarian and illiberal regimes, meanwhile, probably will point to democracies’ embrace of these [big tech censorship] tools to justify their own repressive programs at home and malign influence abroad,” it added.
Beijing aims to destroy partnerships between the United States and its allies, allowing the communist-ruled nation to replace America as the world’s most powerful country.
“CCP will continue its whole-of-government efforts to spread China’s influence, undercut that of the United States, drive wedges between Washington and its allies and partners, and foster new international norms that favor the authoritarian Chinese system,” the report said.
“Beijing is increasingly combining its growing military power with its economic, technological, and diplomatic clout to preserve the CCP, secure what it views as its territory and regional pre-eminence–and pursue international cooperation at Washington’s expense,” it added.
The document declares Beijing is Washington’s “top threat” to technological competitiveness. The CCP targets critical technology sectors, proprietary commercial and military technology from U.S. organizations, allied companies, and research institutions associated with defense, energy, finance, and other sectors.
“Beijing uses a variety of tools, from public investment to espionage and theft, to advance its technological capabilities,” it said.
“The People’s Liberation Army Rocket Force’s highly accurate short, medium, and intermediate-range conventional systems are capable of holding U.S. and allied bases in the [Asia Pacific] region at risk,” it added.
The CCP is also rapidly expanding and diversifying its nuclear capabilities. As a result, the country plans to at least double its nuclear stockpile in the next decade and field a nuclear triad.
“Beijing is not interested in arms control agreements that restrict its modernization plans and will not agree to substantive negotiations that lock in United States or Russian nuclear advantages,” the report said.