Divergent National Cybersecurity Strategies and Threats from China and Russia
A recent think tank report warns that the United States is not adequately prepared to counter the persistent and offensive cyber campaigns conducted by China and Russia. The report highlights that both adversaries treat cyberspace as a domain for ongoing national competition, with China in particular focusing on maintaining persistent access to U.S. critical infrastructure for potential coercion or disruption. The analysis criticizes the U.S. for relying on outdated, reactive frameworks and calls for a more aggressive, offensive posture to address the evolving threat landscape.
In parallel, the United Kingdom is preparing to announce a refreshed cybersecurity strategy, reflecting on past efforts and emphasizing the need for resilience, especially in critical infrastructure. The U.K. faces challenges in resource allocation and skills gaps, which have hindered the implementation of previous strategies. Both the U.S. and U.K. are reassessing their approaches to cyber deterrence and resilience in light of increasing incidents and the strategic ambitions of state actors like China and Russia.
Related Entities
Threat Actors
Sources
Related Stories
Munich Cyber Security Conference Highlights Shift Toward Deterrence, Supply-Chain Risk, and Critical Infrastructure Resilience
Senior officials from the **EU, NATO, the United States, Sweden, Estonia, and Taiwan** used the Munich Cyber Security Conference to warn that cyber and “hybrid” operations are now a persistent feature of geopolitical competition and are increasingly aimed at **critical infrastructure** (energy, health, government services, satellites, and military command networks). EU Executive Vice President **Henna Virkkunen** argued Europe cannot be “naive” about adversaries’ ability to disrupt essential services and pointed to proposed revisions to the **EU Cybersecurity Act** intended to strengthen the EU cybersecurity agency and reduce critical ICT supply-chain risk, including phasing out designated **high-risk suppliers**. NATO Deputy Secretary General **Radmila Shekerinska** said Russia and China are challenging the alliance in both physical and digital domains and cited attempted disruptions to Poland’s energy infrastructure as an example of the threat environment. U.S. officials signaled a shift from primarily defensive “resilience” toward **deterrence** by “imposing real costs” on malicious actors, while also emphasizing deeper cyber partnerships with allies and industry to send a coordinated message to adversaries; National Cyber Director **Sean Cairncross** said a forthcoming U.S. cyber strategy will align with broader national security strategy and rely on whole-of-government tools. Estonia’s intelligence chief **Kaupo Rosin** urged Europe to invest in **homegrown offensive cyber capabilities** to reduce reliance on non-European tools, while Swedish defense official **Lisa Gustafsson** said societies must be designed to function under sustained disruption under Sweden’s “total defense” model. Taiwan’s National Security Council adviser **Yuh-Jye Lee** warned China may be rehearsing a “digital siege,” referencing activity like **Volt Typhoon** and reporting on alleged Chinese training infrastructure (“**Expedition Cloud**”) designed to simulate foreign power grids and communications networks; separate reporting also underscored that much of the technology stack underpinning cyber defense is controlled by **U.S. firms**, complicating sovereignty and supply-chain decisions.
1 months ago
Global State-Sponsored Cyber Operations and Policy Responses
Multiple nation-state actors, including China, Russia, Iran, and North Korea, are intensifying cyber operations targeting critical infrastructure, government entities, and private sector organizations worldwide. China-linked groups such as Ink Dragon have expanded espionage campaigns against European governments, while Russia-linked actors like Callisto have targeted NGOs and are implicated in disruptive attacks in Europe. Iran's MuddyWater has focused on critical infrastructure in Israel and Egypt, and North Korea is increasing disruptive attacks on various sectors. These activities are accompanied by sophisticated cybercrime campaigns, exploitation of zero-day vulnerabilities, and significant data breaches affecting sectors such as health, telecommunications, and justice. In response, Western governments and institutions are taking legal and policy actions, including EU sanctions and fines, UK and Polish legal proceedings against Russian actors, and increased attribution of attacks to state-sponsored groups. However, there is growing concern that U.S. cyber defenses are lagging behind adversaries, with strained mission capacity, weakened public-private collaboration, and unstable federal leadership. Experts call for renewed strategic focus, improved coordination with allies, and robust policy reforms to counter the persistent and evolving threat landscape posed by hostile nation-states.
2 months agoForthcoming U.S. National Cyber Strategy Emphasizes Deterrence and Industry Partnership
The U.S. government is preparing to release a new National Cyber Strategy aimed at deterring foreign cyber adversaries and strengthening public-private collaboration. National Cyber Director Sean Cairncross announced at the Aspen Cyber Summit that the strategy will be concise, actionable, and structured around six pillars, including shaping adversary behavior and enhancing industry partnerships. The strategy intends to move beyond traditional defensive measures by introducing clear costs and consequences for malicious cyber activity targeting U.S. critical infrastructure, reflecting a shift toward a more offensive and coordinated national approach. Officials highlighted that the new strategy will differ from previous versions by focusing on rapid implementation of action items and deliverables, rather than lengthy policy documents. The approach seeks to address the fragmented nature of current U.S. cyber responses by establishing a unified, government-wide framework. The strategy is currently under review by federal agencies, with input from the FBI and private sector leaders, and is expected to be released soon. The administration aims to modernize federal cyber capabilities, accelerate technology adoption, and send a strong deterrent signal to both nation-state and criminal cyber actors.
3 months ago