TECHNET CYBER 2024 — US Cyber Command officials this week painted a grim picture of what Chinese cyber attacks could do to the US defense industrial base, including destroying critical infrastructure, intellectual property theft and supply chain disruption.
“The defense industrial base is being actively targeted by our adversaries and competitors, particularly by the People’s Republic of China. They are acting with increasing agility and sophistication, which we must continue to outpace,” Commander of CYBERCOM, Gen. Timothy Haugh said Tuesday during his keynote address at the TechNet Cyber conference in Baltimore.
“The People’s Republic of China’s efforts to steal intellectual property, gain critical infrastructure footholds and disrupt supply chains pose significant risk to DoD’s ability to defend the nation.”
Haugh, also the director of the NSA, said that the PRC is deploying extensive resources, both in the military and in the commercial sector, to target the DIB.
“They are using vulnerabilities for advantage, and they are weaponizing them in campaigns of espionage, sabotage, theft and disruption, targeting the DIB,” Haugh said.
To combat this threat, Haugh emphasized that the industry must stand guard and unite with the Department of Defense to fend off adversary attacks.
“We realize that cybersecurity is not the top priority for many of the companies within the defense industrial base. It’s just not their primary focus. These companies and entities focus on manufacturing, innovating and developing the tools that win this country’s wars,” he said. “This is where our partnership adds value. The DIB must enhance its cybersecurity, and the Cyber Command and NSA team are willing and eager partners to assist you.”
Lt. Gen. Robert Skinner, the director of the Defense Information Systems Agency and the Commander of the Joint Force Headquarters-Department of Defense Information Network, echoed Haugh’s concerns about PRC attacks against the DIB. He especially emphasized how the PRC is after intellectual property — notably using part of his Wednesday keynote speech to show off a PRC-created copy of DISA’s Thunderdome strategy.
“They’re listening. They’re looking at our doctrine, studying our doctrine. They’re analyzing our strategies and our plans. They are focused on disrupting our critical infrastructure, targeting our critical infrastructure, making that a focus area. They are studying in detail our national and our DoD strategies,” Skinner said during his keynote address.
Also echoing Haugh and Skinner’s concerns, Lt. Gen. Maria Barrett, commanding general of Army Cyber Command, said during a Wednesday panel at TechNet Cyber that the DIB is potentially at a “pivot point” for cyber attacks facilitated by the PRC. She noted that companies such as Microsoft being attacked by Volt Typhoon — a Chinese cyber espionage group assumed to be involved with the PRC — serve as a warning sign of how cyber attacks can infiltrate the DIB.
Barrett also pointed to the vulnerabilities that small businesses within the DIB face, emphasizing their susceptibility to such attacks given their limited size and capabilities. She said the Army is piloting programs to help protect small businesses against these threats.
“There are a number of initiatives underway, pilots…looking at how can you affordably give a small business partner a virtual environment to do Army business? In doing at a cybersecurity level that they themselves [can do.] It’s too complex for them to do it themselves,” Barrett said.
Though the threat of cyber attacks has become a reality, Skinner provided a glimmer of hope, explaining that the DIB’s partnerships with the DoD are at an all-time high
“We are aligning towards a strategic threat, and we are more aligned today than we’ve ever been,” Skinner said.