The United States need to impose real costs on foreign bad actors, said Rep. Mike Waltz, the incoming national security adviser.
The United States needs to change from a purely defensive to an offensive cyber strategy, and American tech firms can help, said Rep. Mike Waltz (R-Fla.), the incoming national security adviser for the Trump administration.
“We need to start changing behaviors on the other side rather than just having this escalation of their offense and our defense,” Waltz said on CBS’s “Face the Nation” on Sunday.
Waltz said President-elect Donald Trump as well as his pick for U.S. secretary of state, Sen. Marco Rubio (R-Fla.), are on the same page in terms of starting to “impose costs on the other side to get them to knock this off.”
U.S. officials and law enforcement have on multiple occasions named the Chinese communist regime as a persistent and top cyber threat to the United States.
Waltz pointed to several high-profile
incidents like ransomware attacks and the “
Volt Typhoon“ campaign wherein the FBI says Chinese state-backed hackers have gained access to critical infrastructure like energy grids and water systems.
With large-scale campaigns like Volt Typhoon and a similar “Salt Typhoon,” in which Chinese state-backed hackers gained access to American telecoms networks to steal communications from targeted individuals, the hackers still have access.
Waltz said the United States needs not only to shore up defenses but also impose real consequences.
“We need to start going on offense and start imposing higher costs and consequences,” he said.
The private sector has a role to play as well, Waltz said.
“We’ve got a tremendous private sector,” he said. “Our tech industry, they could be doing a lot of good in helping us defend [the United States], but also making our adversaries vulnerable.”
Experts have similarly recommended a stronger cyber response. The Senate held a
hearing on Chinese cyber espionage on Dec. 11, during which experts pointed out that the United States has not punished foreign actors for their malicious cyber activity.
Outgoing FBI head Christopher Wray—who sounded the alarm over the Volt Typhoon campaign last year and has since made speeches internationally on the issue and testified before Congress on the Chinese cyber threat—said that while the FBI managed to
remove Volt Typhoon malware from critical systems, hackers remain prepositioned to do widespread damage. He also testified that Chinese cyber actors
outnumber those of the FBI by 50 to one.
Intelligence officials and private companies have also noted that while the Chinese regime makes use of the entire state apparatus to target the United States, American companies and the government work independently. In some cases, the Chinese state-backed campaigns
focus on civilian targets.
Last week, the State Department put up a
$10 million reward for information leading to the location of individuals who have participated in malicious cyber activities targeting U.S. critical infrastructure under the direction of a foreign government.
