As China expands its cyber espionage and sabotage operations, how will the Trump administration respond?
US President-elect Donald Trump has named most of the members of his proposed cabinet. However, he’s yet to reveal key appointees to America’s powerful cyber warfare and intelligence institutions.
These include positions like national cyber director, director of the Cybersecurity and Infrastructure Security Agency (CISA), and National Security Council cyber lead. These figures will be vital in securing America’s cyber security at a crucial time.
We believe there are three flashpoints that could be particularly troublesome for the incoming administration:
- how Trump will balance his economic and security priorities
- how his administration can effectively deter Chinese digital disruption
- how it will address the suspicions among some MAGA supporters of the powers of the intelligence “deep state”.
Intensifying Chinese cyber espionage
Chinese electronic surveillance and espionage activities against the US have reached an all-time high in terms of level of effort and, most importantly, effectiveness.
These espionage activities have been successfully targeting:
- the key intellectual property that provides the US with an economic and national security advantage
- the personal communications of senior US government and military officials, and
- the personal data of tens of millions of Americans.
As has recently been reported, the Chinese government has exploited vulnerabilities in America’s ageing telecommunications infrastructure to target secret government systems.
Hackers from the group “Salt Typhoon” were able to access the personal communications of high-ranking officials (including Trump) and expose the identities of US intelligence targets and sources in the US and overseas.
Salt Typhoon also appears to have extracted US telecommunications companies’ call data records. These detail the call history and associated phone numbers of all users of the network.
We are taking decisive steps to address vulnerabilities in telecommunications networks following the Salt Typhoon cyberattack. pic.twitter.com/FLGCe9pS1I
— The FCC (@FCC) December 5, 2024
These sophisticated breaches follow years of brazen cyber operations to steal US intellectual property and state secrets concerning strategically significant technologies. These include artificial intelligence, next-generation aircraft, biotechnology and energy systems.
Indeed, researchers have found the majority of Chinese espionage activities against the US since 2000 have focused on stealing commercial technologies and information.
Alongside this, the US government believes Beijing is seeking to expand its ability to capture digital information on Americans.
The Biden administration responded to this threat with a number of measures to harden America’s technology ecosystem against Chinese-made devices and software that may contain backdoors or hidden surveillance features. The response included bans and restrictions on products made by Hikvision, Dahua and Hytera, as well as the social media platform Tiktok.
This all sets the scene for showdowns between Trump and China, as well as between Trump and America’s tech sector.
For example, the Trump administration will almost certainly have to compel telecommunications giants AT&T, Verizon, T-Mobile and others to address longtime deficiencies in their infrastructure. This includes the persistent use of unshielded components dating back to the 1970–80s.
Simultaneously, the personal targeting of Trump, his Cabinet, and senior government officials and their sources will require a forceful response to deter future operations.
But how much will the Trump administration be prepared to do in response to Chinese aggression?
President Joe Biden has hit back against China by targeting its semiconductor industry and curtailing its access to other strategic technologies. In any negotiations between Trump and Chinese leader Xi Jinping over trade and tariffs, Beijing is likely to seek to have these measures removed.
If it does, Trump’s desire for a better economic “deal” with China may come into conflict with national security concerns.
Cyber sabotage on critical infrastructure
Chinese agencies have also been infiltrating American and allied critical infrastructure (including the cyber security centres in the “Five Eyes” partners) for the purposes of sabotage.
The aim is to pre-position themselves in target networks, installing sophisticated malware that can be activated to disrupt and degrade essential systems. This includes in a time of war.
The most noteworthy of these efforts has come from Volt Typhoon, a Chinese state-sponsored hacker group.
@CISAgov Director @CISAJen
“The big story from the last couple years that everyone should be paying attention to — businesses, large and small critical infrastructure owners and operators — is really about the actor that is known as Volt Typhoon, that has been working to… pic.twitter.com/GYCM3Ycm3w— The Cipher Brief (@thecipherbrief) December 11, 2024
These efforts to infiltrate and cripple vital infrastructure are consistent with China’s long-standing doctrine of covert action intended to “win without fighting”.
These sabotage efforts are widely expected to intensify as we approach 2027. This is the crucial window when China’s People’s Liberation Army is expected to reach military readiness to attempt an invasion of Taiwan.
The greatest risk of this digital sabotage campaign is a possible escalation into a military conflict between the US and China.
If Chinese malware is used to target the celebrations for America’s 250th birthday in 2026 or the Los Angeles Olympics in 2028, for example, how much restraint would Trump have?
Renewing America’s cyber espionage law
The final flashpoint will be a legislative one.
The Foreign Intelligence Surveillance Act (FISA) has long been the subject of passionate debate in the US. Most of this centres on Section 702, the basis for much of America’s cyber intelligence collection efforts on foreign targets.
This section allows US intelligence agencies to intercept phone calls, emails and other digital communications on non-Americans outside the US.
Congress has mandated these agencies to “minimise” the collateral collection of data on Americans. In practice, however, this has been difficult to achieve in the age of digital anonymity and transnational threats.
Bipartisan supporters of FISA consider it essential to national security agencies that are fighting to keep America and its allies safe. The MAGA-aligned House Freedom Caucus, however, has cast the act in a different light. They believe it empowers an unaccountable deep state intent on surveilling ordinary citizens.
In 2021 alone, the FBI used FISA, the “Foreign Intelligence Surveillance Act,” nearly 300,000 times to spy on AMERICAN CITIZENS, including President Trump, without a warrant.
We must reform FISA and require the FBI to get a warrant to protect Americans. pic.twitter.com/M2ZX3Zt0vb
— Rep. Barry Moore (@RepBarryMoore) February 13, 2024
Trump has at times aligned himself with this view. In April of this year, he posted that Congress should “kill FISA” due to allegations it enabled spying of his 2020 presidential campaign.
Donald Trump, the Republican presidential nominee for president, urged Republicans to “KILL FISA” in a 1:43 a.m. post to his Truth Social account this morning. pic.twitter.com/oryEEJqFXf
— Matthew Gertz (@MattGertz) April 10, 2024
Section 702 will lapse in April 2026 unless Congress votes to authorise it again. While both houses of Congress will have Republican majorities, the disparate views within the party do not guarantee passage.
Raising the stakes further are the intensifying national security threats a second Trump administration will face.
Intelligence officials will argue the demand for FISA-sourced intelligence has never been higher. However, outsiders like Tulsi Gabbard (presumptive director of national intelligence), Kash Patel (presumptive FBI director), Pam Bondi (presumptive attorney-general) and Kristi Noem (presumptive secretary of homeland security) may oppose re-authorising the legislation.
Furthermore, America’s allies rely heavily on intelligence shared by US agencies using FISA warrants. Just as Trump looks set to demand NATO and other allies pay more for their own defence, he may well insist that Five Eyes and other intelligence partners do more of their own surveillance operations, too.
William A. Stoltz, Lecturer and expert Associate, National Security College, Australian National University and Michael Rogers, Senior Fellow and Adjunct Professor, Kellogg Executive Leadership Institute, Northwestern University
This article is republished from The Conversation under a Creative Commons license. Read the original article.