海角大神

Amid the threats facing the United States, cybersecurity doesn鈥檛 make flashy headlines every day 鈥� but the latent danger from digital threats has some government officials on alert.

The chair of the House Committee on Homeland Security named cybersecurity a 鈥渢op priority鈥� earlier this year. Former FBI Director Christopher Wray has called Chinese hacks the 鈥渄efining threat of our generation.鈥�

Foreign hackers interfering against the U.S. worries Democrats and Republicans alike. A string of Chinese hacks into government agencies, infrastructure systems, and telephone companies in recent years has raised alarm bells, including a disclosure in December 2024 that hackers with ties to the Chinese government broke into the U.S. Treasury Department鈥檚 systems.

In her Senate confirmation hearing, Department of Homeland Security head Kristi Noem called cyberattacks a 鈥渞ising threat鈥� that 鈥渄emands our utmost attention.鈥� Yet the Trump administration has taken early actions that undermine long-standing cybersecurity efforts, critics argue.

In the middle of all of this, President Donald Trump is trying to chart his course on cybersecurity policy, sometimes sending mixed messages about his intentions. With the growing focus on cybersecurity, here鈥檚 a look at some of the issues government officials are looking to address.

What cybersecurity concerns does the U.S. face?

Risks are present in both the private and public sectors. One in 3 CEOs globally recently cited cyberespionage and loss of sensitive information as . Ransomware attacks, in which hackers block access to a computer system until its users pay a 鈥渞ansom,鈥� is a growing concern. These types of attacks rose worldwide by 74% in 2023, with the U.S. 鈥渕ost heavily targeted,鈥� according to the former director of national intelligence under President Joe Biden.

The U.S. also faces a shortage of workers in cybersecurity, although some argue that advances in artificial intelligence could reduce the need for cybersecurity professionals.

Then there are foreign actors. Last summer, according to a U.S. Department of Justice indictment, hackers employed by Iran鈥檚 Islamic Revolutionary Guard Corps a presidential campaign (understood to be ), stealing confidential information. In October, U.S. officials said they on Defense Department and State Department computers.

But China is , with U.S. officials saying it is responsible for more hacks globally than Russia, North Korea, and Iran combined. They say the Chinese government often operates through groups of contractors, sometimes called hackers for hire, who are paid to find vulnerabilities within U.S. data systems and infrastructure.

What kind of hacks are involved?

Two of the biggest names among these hackers for hire are Salt Typhoon and Volt Typhoon. (Microsoft assigned these names in order to keep track of the groups.)

Last fall, reporting uncovered that Salt Typhoon had been carrying out a series of damaging cyberattacks since as early as 2022. The 聽major telecommunications firms, 聽said.聽Among those were Verizon and AT&T.

Richard Forno, a cybersecurity expert at the University of Maryland, Baltimore County, says these hacks probably don鈥檛 present an immediate threat to the average person. But they give China an informational edge.

Telecommunications and internet infrastructure 鈥渦nderpins so much of our modern society,鈥� says Dr. Forno. 鈥淪o if you can penetrate and potentially disrupt that infrastructure, you can have all sorts of follow-on effects down the road.鈥�

Volt Typhoon presents a different kind of threat. In 2023, this hacking group, which is also tied to the Chinese government, had such as transportation, water, and energy systems across the U.S. Once they gained access, hackers implanted malware 鈥� malicious software 鈥� that can essentially lie dormant until China wants to activate it. In early 2024, the FBI announced it had from hundreds of home and office internet routers to disrupt the attack.

But the U.S. is still determining the scope of these attacks. Many security experts and public officials warn that China could use them as a tool in the event of a conflict 鈥� for example, if China invaded Taiwan and wanted to limit the U.S. reaction.

鈥淐hina traditionally takes a very long, patient view of espionage and warfare,鈥� says Dr. Forno.

What is President Trump鈥檚 stance on cybersecurity?

The Trump administration seems to be prioritizing an offensive approach to cybersecurity. National Security Adviser Mike Waltz has suggested imposing and harsher consequences on nations that carry out cyberattacks. Sean Plankey, the new head of the Cybersecurity and Infrastructure Security Agency (CISA), said he expects 鈥渕ore pointed measures at our adversaries.鈥�

President Trump has also been reshaping digital security institutions within the federal government. Shortly after taking office, he dissolved the Cyber Safety Review Board, a Biden-created commission that had been investigating the Salt Typhoon hacks. He also oversaw more than 100 layoffs at CISA, including some employees who were tracking the efforts of Salt Typhoon and Volt Typhoon, according to . (Some employees have reportedly been rehired and .) However, Reuters has that in early March, the White House sent a memo directing federal agencies not to fire their cybersecurity teams.

Last week, President Donald Trump , who headed the National Security Agency and the Pentagon鈥檚 Cyber Command. No official reason has given. Laura Loomer, an activist on the right, thanked the president for getting rid of 鈥淏iden holdovers鈥� in some prominent security positions.

What are some concerns about the Trump administration鈥檚 cybersecurity practices?

Some early actions of the Trump administration are raising red flags among cybersecurity analysts. Recently, senior officials, including Secretary of Defense Pete Hegseth, drew bipartisan criticism for posting details of a pending U.S. military strike in group text messages on Signal, an encrypted commercial messaging app. The conversation was revealed after a journalist was accidentally added to the group.

A National Security Council spokesperson confirmed the authenticity of the text chain. Mr. Hegseth has denied posting classified information. Yet officials used Signal even though the Department of Defense warned that the app has 鈥渁 vulnerability鈥� that Russian hackers are trying to exploit, NPR reported.

The quick pace at which Department of Government Efficiency workers have been given access to highly sensitive databases like the Treasury payment system has also generated controversy. Whether the DOGE team is following security protocols is unclear. Violating protocols could increase risks of foreign actors leveraging mistakes for their own gain.

For instance, two federal employees filed a lawsuit accusing the federal Office of Personnel Management of using an unauthorized private server to send DOGE email blasts across the government. But OPM lawyers argued in a court filing that this email system doesn鈥檛 pose a security risk because it operates 鈥渆ntirely鈥� on government computers and doesn鈥檛 use a nongovernment server.