Cybersecurity experts are urging the U.S. and its allies to adopt a collective defense approach akin to NATO to safeguard against China’s hacking activities.
China’s cyber espionage has become a pivotal element of its foreign policy, with experts taken aback by the extensive and intricate offensive cybersecurity infrastructure it has developed.
Blake Cahen, Director of Cybersecurity at IronNet, cautions that unless countries and companies bolster their online defenses, breaches are likely to persist.
He emphasizes that collective defense, akin to NATO, involves sharing data to ensure that a compromise or threat affecting one member of the collective does not stand alone.
“You look at any kind of breach today, and ask how long is it before those details are commercially known? If it’s a company that is publicly traded or maybe a healthcare customer or financial institution, they have certain requirements that may prevent them from disclosing the attack for weeks to months. So being a part of this collective defence community enables you to take that compromised data and share them instantaneously across all the members,” he said.
In an interview with National Security News, Cahen highlighted that individuals from the general public, corporations, and even high-ranking government officials often succumb to simple online scams like “phishing” emails.
“If you don’t look past the surface, the email looks like it’s coming from your mom, your brother, your CEO. And they’re saying, I need you to do X. And the second you reply to that, you’re already the victim and you’re the fish on the hook.”
Cahen further remarked that such attacks will increasingly advance in sophistication as cyber attackers integrate artificial intelligence into their arsenal.
In January, FBI Director Christopher Wray informed a U.S. House Select Committee that Chinese hackers were gearing up to cause significant harm and disruption to American citizens and communities, labeling China’s multi-faceted cyber offensive as “the defining threat of our generation.”
State-sponsored Chinese hackers have also targeted corporations. In March, the U.S. Department of Justice indicted seven Chinese nationals suspected of operating a 14-year-long hacking operation aimed at thousands of foreign individuals and companies. This network reportedly accessed economic plans, intellectual property, and trade secrets of American businesses, contributing to billions of dollars in annual losses to the United States.
Cahen stressed the necessity of a “collective self-defense” system to educate organizations about the ongoing risks posed by this evolving threat landscape.