At a hearing today, U.S. Senator Deb Fischer (R-Neb.), a senior member of the Senate Armed Services Committee, questioned senior defense officials about cyberattacks by organizations linked to China against communications, energy, transportation, water, and wastewater systems in the United States.

During the hearing, Senator Fischer asked U.S. Cyber Command (CYBERCOM) Commander Timothy Haugh whether these attacks are aimed at stealing U.S. data or causing severe disruptions to U.S. critical infrastructure ahead of a potential conflict.

Earlier this year, six U.S. agencies released a public cybersecurity warning stating that the behavior of Chinese state-sponsored cyber actors differ from traditional cyber espionage or intelligence gathering operations, and that they are likely attempting to pre-position themselves on IT networks to disrupt functions.


Click the image above to watch a video of Sen. Fischer’s questioning

Click here to download audio

Click here to download video

On China’s Efforts to Compromise U.S. Critical Infrastructure:

Senator Fischer: I appreciate the work that CYBERCOM and NSA have done to share these threats with the public. As you outlined in your cyber advisory, cyber organizations linked to China are compromising the communications, energy, transportation, water, and wastewater organization in the United States and its territories. Do you view these attacks as primarily aimed at exfiltrating data, or as Chinese cyber actors positioning themselves to cause severe disruptions to U.S. critical infrastructure in advance of or during a potential conflict?

General Haugh: Senator, thank you very much for the question. I think one of the primary things that we see as opportunity, as U.S. Cyber Command, is to expose these activities to the broadest audience we can. We do that with all of our partners, principal to that is the National Security Agency. In this case, I cannot see a reason, from a foreign intelligence perspective, why anyone would target critical infrastructure. So, I'm very concerned that these would be a pre-positioning for a potential crisis.

On the Importance of Sharing Intelligence to Combat Threats:

Senator Fischer: How is CYBERCOM leveraging its expertise and technical capabilities to alert the Department and the American public and develop mitigation strategies?

General Haugh: Senator, we start really everything that we look at — if we're seeing a campaign and how we approach a threatening series of activities — we start with generating insights. How do we understand what is happening, and how do we communicate that to the maximum number of organizations possible? How do we enable defense? Whether that's partnering with another combatant command, like STRATCOM when we think about our strategic capabilities or TRANSCOM for global logistics or NORTHCOM in terms of defense critical infrastructure, how do we enable their defense? And then, we also deliver options of how we would impose costs, whether directly or through our interagency partners. So, we approach that at every step. But really, what we see as one of the most impactful things is exposing, and then giving the techniques for how to identify these activities so they can be countered by multiple organizations.

On Working with U.S. Allies to Identify Threats:

Senator Fischer: How is CYBERCOM working with our allies, with our partners to help them identify these threats as well, that they might be facing towards their critical infrastructure?

General Haugh: So first, we do the same thing, which is — you'll see on many of those cybersecurity advisories, it starts with, 'who do we bring in that will have information that will help illuminate this threat?' In many cases, that's industry, and it's also our foreign partners. So, on many of those seals across the top of those advisories, you'll see many nations. And that'll include our Five Eye partners. We've also done them with Japan. And you'll see that grow as we continue to expand those partnerships, and we share information.

Pursuant to Senate Policy, petitions, opinion polls and unsolicited mass electronic communications cannot be initiated by this office for the 60-day period immediately before the date of a primary or general election. Subscribers currently receiving electronic communications from this office who wish to unsubscribe may do so here.