According to a guidance document released by the Department of Homeland Security (DHS) last Thursday, addressing “cyber and other threats posed by the People’s Republic of China (PRC)” is the Department of Homeland Security’s top priority through the end of 2025. The document describes a “whole-of-society effort” to protect critical infrastructure from external threats, with China at the top of the list.
Other priorities include managing the “evolving risks” of artificial intelligence and other emerging technologies, mitigating supply chain vulnerabilities, preparing for climate change-related risks to critical infrastructure, and addressing reliance on satellite-based services and communications.
“From our banking system to our power grid, from health care to our nation’s water systems, we depend on our critical infrastructure to function reliably for our national security, economic security and public safety,” Homeland Security Secretary Alejandro Mayorkas said in a statement.
The memo said the federal government and intelligence agencies view China as one of the greatest risks to national security and are particularly concerned about China’s capability and “willingness” to conduct cyberattacks against U.S. infrastructure. The memo also warned of potential threats from “other nefarious ‘gray zone’ activities,” including financial investments, “traditional espionage” and insider threats.
In April, FBI Director Christopher Wray said that hackers linked to the Chinese government had gained access to US critical infrastructure and were “waiting for the right moment to strike a devastating blow.” Speaking at the Vanderbilt Summit on Modern Conflict and Emerging Threats, Wray said that hackers belonging to the cyber group Bolt Typhoon had breached several US companies in the communications, energy and water sectors.
Then-Acting Homeland Security Secretary Chad Wolf said at the time that the department established the China Working Group in 2020 to address the “growing threat” from China’s “malign activities in the areas of trade, cybersecurity, immigration and intellectual property.”
In 2022, the Department of Homeland Security released a “Strategic Action Plan” to counter Chinese threats to national security, considering everything from immigration violations to intellectual property theft. Action items included examining ways to expand trade with “the emerging semiconductor industry and like-minded economic partners, including India and Taiwan” and prioritizing efforts to protect U.S. infrastructure from “malicious Chinese cyber activity.” And last year, Secretary Mayorkas announced a 90-day department-wide “PRC Threat Sprint.” Like the 2022 plan, the sprint highlighted the need to protect critical infrastructure from potential cyberattacks and efforts to use DHS immigration enforcement to identify “illegal travelers” from China who come to the U.S. to “gather intelligence, steal intellectual property, and harass dissidents.”
Congress has also been taking a tougher stance against China. In 2013, the House Homeland Security Committee’s Cybersecurity Subcommittee held a hearing on the threats posed to U.S. infrastructure by China, Russia, and Iran. Congress’ efforts to ban TikTok unless it divests from its Beijing-based parent company are primarily rooted in national security concerns. Earlier this month, the House Homeland Security Committee advanced a bill that would block the Department of Homeland Security from purchasing batteries from six Chinese companies.
