Chinese state-sponsored attackers have dramatically increased their targeting of the United States, doubling their number of attacks in 2023 and climbing further under the new president, according to cybersecurity firm CrowdStrike and seven US officials. From compromising state National Guard networks to infiltrating newsrooms and cloud providers, Beijing's hackers are busier, more covert, and more aggressive than ever, the Washington Post reported.
From government hackers to contractor armies
One of the greatest shifts in China's strategy is making this expansion possible: The government now outsources cyber activity to private companies. The companies hire the best hackers, find zero-day vulnerabilities in software, and sell access to compromised systems to Chinese agencies. This "hacking for hire" model is exponentially growing the number of US victims, blurring lines of attribution and drowning American defences.
Indictments and leaks expose scope of the danger
Current US indictments and leaks from firms like iSoon, which does business with China's state security and military, indicate activities in 20 countries and a catalogue of hacks on offer. They are not only intruding into American systems for data — they are embedding themselves into systems like power grids and water supplies with the potential to sabotage them in a war over Taiwan.
Sustained access, stealth, and sabotage tactics
Groups like Salt Typhoon, Volt Typhoon, and Silk Typhoon are leading this campaign. Salt Typhoon was discovered embedded in US and Canadian telecommunications systems to enable interception of messages from officials. Volt Typhoon has infected utilities in preparation for wartime disruption. Silk Typhoon, now considered one of the stealthiest of these groups, attacked think tanks, defence contractors, and media organizations like The Washington Post.
Advanced evasion and reinfection techniques
Most intimidating about these groups, however, is their ability to hide in plain sight. They use US domestic internet pathways, which evade NSA capture. Once inside, they create spoofed collaboration accounts, wipe logs, and leave backdoors for future re-entry. Google's Mandiant security group identified Silk Typhoon as the most persistent espionage threat of the year, repeatedly returning to compromised systems despite being expelled.
US response weakened amid rising political risk
While in the past indictments and sanctions served as a deterrent, officials now say that China no longer feels constrained by concern for diplomatic backlash. Internal problems, including staffing shortages at the Cybersecurity and Infrastructure Security Agency (CISA), have also made coordination challenging. CISA insists that it remains on high alert, but analysts warn that Chinese hacking is today at an unparalleled level of scope and capability.