"Unconstrained Actors: Assessing Global Cyber Threats to the Homeland"

2025-01-22

Loading video...

Summary

The Committee on Homeland Security convened to address the escalating cyber threats facing the United States homeland, delving into the tactics and trends of nation-state adversaries such as China, Russia, Iran, and North Korea [ 00:13:31-00:14:09 ]

. Expert witnesses provided insights into these threats, emphasizing the vulnerabilities of critical infrastructure and discussing strategies for enhancing national cybersecurity [ 00:33:50 ] .

Themes

Cyber Threats from Nation-States The committee heard extensive testimony regarding significant cyber threats from nation-state actors, particularly China [ 00:13:31-00:14:09 ]

[ 00:33:53 ] . China is seen as America's most capable and opportunistic cyber adversary, having pre-positioned malware within critical US infrastructure through operations like Volt Typhoon [ 00:33:53 ] [ 00:34:17-00:34:25 ] . These actions are interpreted as operational preparation of the battlefield, aimed at disrupting US systems and preventing military mobilization during a conflict, such as with Taiwan [ 00:34:27-00:34:46 ] . Russia, Iran, and North Korea also pose substantial threats, engaging in intelligence collection, disruptive operations, and financially motivated cyber activities . The FBI reports China's hacking program is larger than all other major nations combined .

Vulnerability of Critical Infrastructure US critical infrastructure, including healthcare, water supply, energy grids, telecommunications, and transportation systems, is highly vulnerable to cyberattacks [ 00:15:10-00:15:10 ]

[ 00:35:22-00:35:26 ] . China has specifically burrowed into these systems, making them susceptible to shutdown in a conflict scenario [ 00:17:03-00:17:03 ] . The private sector owns and operates most of this infrastructure, and while they have not invested enough in cybersecurity, the government is also faulted for poor partnership performance [ 00:35:32-00:35:53 ] . The lack of resources and consistent investment in cybersecurity leaves crucial sectors, especially at state and local levels, exposed to attacks [ 01:38:04 ] .

Role and Funding of CISA The Cybersecurity and Infrastructure Security Agency (CISA) is deemed essential for national cybersecurity, holding unique authorities for federal network protection and critical infrastructure support [ 00:53:01 ]

[ 00:54:15 ] . Despite its importance, concerns were raised about past attempts by over 100 House Republicans to cut CISA's funding by 25% and proposals to eliminate it entirely [ 00:20:22-00:20:42 ] . Witnesses largely supported CISA's continued role and budget, emphasizing its mission as the country's risk manager and its work in election security [ 00:51:50 ] [ 00:53:01 ] . The nominal budget CISA dedicates to misinformation work (less than 1% of its total budget) was highlighted in contrast to political rhetoric [ 01:35:38-01:35:38 ] .

Cyber Workforce Development A significant theme was the critical shortage of prepared cyber professionals, with approximately 500,000 vacant cybersecurity jobs in the US [ 00:18:09 ]

[ 01:52:47 ] . The Cyber Pivot Act, which aims to cultivate the cyber workforce at scale, was identified as a top priority for this Congress [ 00:18:30 ] [ 00:38:06 ] . Expanding CISA's cyber workforce programs, increasing internships and apprenticeships, and providing incentives for cyber professionals in under-resourced sectors like hospitals and water systems were recommended . The National Guard's potential to bridge military and civilian cyber defense was also discussed [ 00:37:43-00:37:49 ] .

Public-Private Partnerships and Information Sharing Effective cybersecurity requires coordinated, whole-of-government efforts that rapidly share information with the private sector [ 00:18:54 ]

. The Cybersecurity Information Sharing Act of 2015 (CISA 2015) is crucial as it provides liability protections for industry to share cyber threat indicators and defensive measures with DHS . Reauthorizing and strengthening this legislation, along with improving real-time information exchange through entities like the Joint Cyber Defense Collaborative (JCDC), is vital .

Regulatory Harmonization The current multitude of federal regulatory approaches creates an "untenable burden" on businesses and harms cybersecurity efforts . Legislation was proposed to empower the National Cyber Director to develop cross-sector minimum requirements with reciprocity, aiming to improve cybersecurity posture while reducing compliance costs . This approach seeks to ensure consistent baseline security without duplicating efforts and wasting resources [ 01:09:56 ]

[ 01:10:36 ] .

Offensive Cyber Capabilities and Deterrence There was a strong call to shift from a defensive posture to an offensive one, making it too hard or painful for adversaries to disrupt US networks [ 00:18:03 ]

[ 00:36:09 ] . This involves both improving defensive efforts (deterrence by denial) and imposing costs on adversaries overseas (deterrence by punishment) [ 00:36:12-00:36:12 ] . Some suggested publicly executing operations against Chinese cyber infrastructure and attributing them to the US to demonstrate capability and resolve . The idea of "letters of marque and reprisal" to empower private entities to "hack back" under regulated rules was also debated as a radical, yet historically precedent, offensive strategy .

Artificial Intelligence (AI) in Cybersecurity Artificial intelligence is recognized as having significant applications in cybersecurity, particularly for defense mechanisms like threat detection, response, and automating complex problems for junior analysts . The potential for AI to offset the manpower advantage of adversaries like China was noted [ 01:21:52-01:21:56 ]

[ 01:22:22-01:22:22 ] . However, the need to secure AI intellectual property and protect AI workloads as they become more prevalent was also highlighted [ 01:22:22-01:22:35 ] .

Tone of the Meeting

The overall tone of the meeting was serious and urgent, reflecting a bipartisan consensus on the critical and escalating nature of cyber threats to US homeland security [ 00:14:51 ]

[ 00:19:50-00:19:50 ] . While there was broad agreement on the severity of the problem, particularly concerning China's actions, some partisan tensions surfaced regarding CISA's budget and alleged past activities [ 00:20:22-00:20:42 ] . Nevertheless, the discussion primarily emphasized a collaborative and proactive approach, with repeated calls for unified action, increased investment, and strategic shifts in response to a rapidly evolving digital battlefield [ 00:36:09 ] . There was a shared frustration with the perceived lack of accountability and the need for more aggressive offensive measures [ 02:31:43 ] .