U.S. Ability to Withstand Chinese, Russian Cyberattacks Questioned.

• Author: Luckenbaugh, Josh

Defending power plants pipelines and water treatment facilities from cyber threats could play a key role in a future conflict, as the United States' great power rivals have made the ability to target these essential services a warfighting priority.

In May, the Cybersecurity and Infrastructure Security Agency issued an advisory regarding a "cluster of activity of interest" associated with a People's Republic of China statesponsored cyber actor known as Volt Typhoon.

"Private sector partners have identified that this activity affects networks across U.S. critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide," the advisory said. Microsoft stated it had "uncovered stealthy and targeted malicious activity" by Volt Typhoon across communications, manufacturing, transportation, maritime and other sectors, and that the threat actor intended to conduct espionage and maintain access to critical networks.

And it's not just China. The United States' "peer and near-peer adversaries ... have capabilities against our critical infrastructure," said Mark Bristow, director of MITRE's Cyber Infrastructure Protection Innovation Center. "And not only do they have capabilities against our critical infrastructure, but those capabilities are now part of their doctrine for combined arms."

In its "Annual Threat Assessment of the U.S. Intelligence Community" published in February, the Office of the Director of National Intelligence said Russia is "particularly focused on improving its ability to target critical infrastructure ... in the United States as well as in allied and partner countries," while China is "almost certainly" capable of launching cyberattacks on key U.S. services such as oil and gas pipelines or rail systems.

"If Beijing feared that a major conflict with the United States were imminent, it almost certainly would consider undertaking aggressive cyber operations against U.S. homeland critical infrastructure and military assets worldwide," the report said. "Such a strike would be designed to deter U.S. military action by impeding U.S. decision-making, inducing societal panic and interfering with the deployment of U.S. forces."

Adversaries crafting battle plans that include targeting domestic infrastructure "is a huge shift from 10 or 15 years ago where we're just kind of groping in the dark from a capability perspective," Bristow said during a panel...