CISA, NSA, and FBI warn of Chinese cyber threats to U.S. critical infrastructure

The United States faces growing threats to its critical infrastructure as the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and FBI jointly warn of cyberattacks orchestrated by Chinese state-sponsored actors. These attacks, targeting vital sectors such as Communications, Energy, Transportation Systems, and Water and Wastewater Systems, have raised alarms over potential future disruptions to national security.

European Repository of Cyber Incidents (EuRepoC) reveals that Volt Typhoon—also known as Vanguard Panda—has been identified as a key perpetrator in infiltrating critical systems. The group’s activities suggest a long-term strategy of positioning themselves for potential disruptive cyberattacks, underscoring the increasing sophistication and persistence of state-sponsored cyber threats.

The scope of the global cyber threat is vast. Between 2000 and 2023, the European Repository of Cyber Incidents (EuRepoC) recorded more than 2,500 politically motivated cyberattacks. Among these, 679 actors or groups were identified, revealing a complex web of international cyber aggression.

China has been implicated in 12% of these attacks, followed closely by Russia at 11.6%. Other major players include Iran (5.3%) and North Korea (4.7%). Yet, the covert nature of cyber warfare means that 45% of these attacks remain unattributed, leaving a significant portion of the threat landscape in the shadows.

Critical infrastructure remains a primary target, with nearly 20% of cyberattacks directed at systems vital to public safety and national stability. From power grids to water systems and transportation networks, these attacks threaten to disrupt essential services, creating vulnerabilities that could have catastrophic consequences.

This latest warning highlights the urgent need for heightened cybersecurity measures to protect against state-sponsored threats. As cyberattacks grow more frequent and complex, safeguarding critical infrastructure has become a priority for both national defence and global security. The ongoing challenge lies in uncovering and mitigating these covert threats before they escalate into full-scale disruptions.