OpinionThinking About China

Extraordinary US–China Cyber Meeting Revealed

Save
Extraordinary US–China Cyber Meeting Revealed
A member of an alleged Chinese hacking group is seen in a file photo. Nicolas Asfouri/AFP via Getty Images
John Mills
Updated:
0:00
Commentary
The Wall Street Journal recently revealed an unprecedented meeting that occurred in December 2024, which addressed the ongoing series of cyberattacks on U.S. critical infrastructure. In this meeting, described as a “summit,” about 12 U.S. national security officials engaged in candid discussions with their Chinese counterparts.

This meeting marked the first acknowledgment by China that the Volt Typhoon and the Salt Typhoon cyber intrusions originated from the Chinese regime.

“The Chinese official’s remarks at the December meeting were indirect and somewhat ambiguous, but most of the American delegation in the room interpreted it as a tacit admission and a warning to the U.S. about Taiwan, a former U.S. official familiar with the meeting said,” the Journal reported.

Chinese Cyber Assaults

Volt Typhoon was first publicly reported in early 2023, as Microsoft and the Department of Homeland Security revealed cyber intrusions into critical infrastructure in Guam. A Chinese state-sponsored group was the announced culprit, and one U.S. official said this was part of a broader Chinese intelligence-gathering system.
The department’s Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an advisory with perhaps a new cybersecurity buzz phrase of “living off the land.” One article posited whether this event signaled preparation for a Chinese attack.
In 2024, congressional testimony by then-FBI Director Wray and then-CISA Director Jen Easterly was sobering. Easterly characterized the Chinese actions starkly, saying, “This is truly an ‘Everything Everywhere, All at Once’ scenario.”
Related Stories
China-Nexus Hackers Spent Years in Asian Telecoms Network, Report Says
China-Nexus Hackers Spent Years in Asian Telecoms Network, Report Says
US Charges 12 Chinese Hackers, Officials for Cyber Operation Whose Targets Included The Epoch Times
US Charges 12 Chinese Hackers, Officials for Cyber Operation Whose Targets Included The Epoch Times
The Journal article, published on April 10, provided further information on the motives of the Chinese regime. “The Chinese delegation linked years of intrusions into computer networks at U.S. ports, water utilities, airports and other targets, to increasing U.S. policy support for Taiwan … underscoring how hostilities between the two superpowers are continuing to escalate,” the report said.

Leadership Accountability for Cyber Failures

In his first term, President Donald Trump’s initial executive order on cybersecurity stressed one theme: leadership accountability.

The executive order states: “The President will hold heads of executive departments and agencies (agency heads) accountable for managing cybersecurity risk to their enterprises. In addition, because risk management decisions made by agency heads can affect the risk to the executive branch as a whole, and to national security, it is also the policy of the United States to manage cybersecurity risk as an executive branch enterprise.”

To clarify, the executive order said that cyber breaches would be considered a direct reflection of the senior leadership of the affected departments and agencies.

The revelation of the December 2024 Geneva meeting may provide further background on the recent leadership changes at Fort Meade, Maryland.

Beijing’s cyber campaign has been relentless since early 2023 and includes the full spectrum of U.S. critical infrastructure, including power, water, telecommunications, air traffic control, and maritime navigation-related systems.

A Cyber ‘Plucking’ to Ensure Best Leadership

Retired Lt. General Michael Flynn, Trump’s initial national security adviser during his first term, told me “there are more flag officers [generals and admirals] that need to go,” pointing out that “this is a ‘Marshall Moment’ to effect these changes.”

This refers to the “plucking” used by Gen. George Marshall before and during the Second World War.

Herm Hasken, a retired military officer and senior adviser to several cyber and electronic warfare companies, told me that “the public is only getting a portion of the whole story regarding the size and scope of China’s intrusions across all 16 sectors of our critical infrastructure.”

Retired Secret Service Senior Executive Robert Rodriguez told me that industry practitioners are extremely concerned about the Chinese regime’s Salt Typhoon cyberattacks.

Rodriguez helped establish the early cyber capabilities of the Secret Service. He is still active in cybersecurity innovation efforts.

“The threat was so serious they formed a coalition of U.S. and Canadian [chief information security officers] to host a series of ongoing workshops” to address the broad and pervasive Chinese cyber intrusions, Rodriguez said.

He said China is “by far the No. 1 threat” to the United States and the world.

In December 2024, a Senate Hearing dove deeply into the Salt Typhoon cyberattacks. The bipartisan dissatisfaction in Congress regarding the U.S. government’s inability to shut down and remove Chinese cyber intruders was evident.

“I think the American people need to know the extent of the breach here, I think they will be shocked at the extent of it,” Sen. Josh Hawley (R-Mo.) said at the time. “I think they need to know about their text messages, their voicemail, their phone calls. It’s very bad, it’s very, very bad, and it is ongoing.”

Then-Senate Intelligence Committee Chair Mark Warner (D-Va.), who has direct experience as an executive in the telecommunications market, was concerned about the unaddressed “gaping holes” in the U.S. cybersecurity posture.

“I think there is huge concern, far and away the worst telecom hack, and the fact is that they are still in the systems,” Warner told reporters at the time.

The unabated and continuous Chinese cyber assault, confirmed by The Wall Street Journal in relation to the high-level Geneva security summit between the outgoing U.S. national security team and China, may be a significant causal factor for changes in U.S. cybersecurity leadership.

Views expressed in this article are opinions of the author and do not necessarily reflect the views of The Epoch Times.
John Mills
John Mills
Author
Col. (Ret.) John Mills is a national security professional with service in five eras: Cold War, Peace Dividend, War on Terror, World in Chaos, and now, Great Power Competition. He is the former director of cybersecurity policy, strategy, and international affairs at the Department of Defense. Mr. Mills is a senior fellow at the Center for Security Policy. He is the author of “The Nation Will Follow” and “War Against the Deep State.” ColonelRETJohn2 on “X”, ColonelRETJohn on Substack, GETTR, and Truth Social