Homeland Security Committee Sounds Alarm on Chinese Espionage Threat

The House Committee on Homeland Security has raised urgent concerns about China’s escalating cyber espionage operations, detailing how Chinese state-sponsored actors have deeply penetrated critical U.S. infrastructure. Testimonies from experts and federal agencies revealed the scope of these attacks, the sophistication of China’s cyber strategy, and the dire implications for national security.

Chairman Mark E. Green (R-TN) outlined the alarming extent of Chinese cyber activity: “Over the last year, the U.S. government has discovered a number of PRC [People’s Republic of China] state-sponsored threat actors deeply embedded in and across the nation’s critical networks.”

Among the most concerning operations:

• Volt Typhoon: Targeted communications, energy, transportation systems, and water infrastructure, including U.S. territories such as Guam.

• Flax Typhoon: Aimed at espionage in Taiwan, as identified by Microsoft.

• Salt Typhoon: Infiltrated major U.S. telecommunications providers like Verizon and T-Mobile, compromising critical communications networks.

Cybersecurity & Infrastructure Security Agency (CISA) confirmed earlier this year that Volt Typhoon had compromised IT environments tied to multiple U.S. infrastructure sectors, jeopardizing national readiness.

Experts testifying before the committee explained the evolution of China’s cyber capabilities. Adam Meyers, senior vice president at CrowdStrike, highlighted the Chinese government’s 2018 national security law requiring vulnerability research to be submitted to the state. This effectively weaponizes vulnerabilities in American technology for exploitation.

Meyers emphasized China’s focus on devices connecting enterprises to the internet, such as routers and VPN concentrators, which often lack modern security tools. These devices act as critical “nodes” for China’s cyber operations, enabling stealthy infiltration and long-term espionage.

Retired Rear Admiral Mark Montgomery of the Foundation for Defense of Democracies described China’s tactics as “operational preparation of the battlefield,” warning that these pre-positioned malware capabilities could be activated during a geopolitical crisis, such as a conflict over Taiwan.

Montgomery and Meyers both called for a more aggressive U.S. posture to counter Chinese cyber activities. Montgomery argued that the U.S. must move beyond defensive measures and take offensive action to disrupt China’s cyber infrastructure:

“We now have to actually publicly execute operations against Chinese cyber infrastructure to say: ‘We know you did this… and we’re going to remove that infrastructure from your capability.’”

Without such action, Montgomery warned, China would continue to exploit vulnerabilities and escalate its cyber warfare efforts.

China’s ongoing activities, including the active operations of “Salt Typhoon” and “Volt Typhoon,” pose a continuous threat to U.S. national security. Experts at the hearing emphasized the need for robust cybersecurity defenses, constant vigilance, and proactive measures to cut off Chinese access to critical networks.

As tensions with China continue to rise, particularly over Taiwan, the stakes for U.S. cybersecurity have never been higher. Without decisive action, America’s critical infrastructure and its ability to respond to crises remain vulnerable to exploitation.

Stay informed. Share this article and subscribe to our newsletter for updates on national security.