Adversarial nations such as China, Russia, North Korea, Iran and others are actively targeting the United States through cyber operations, posing significant risks to our national security and critical infrastructure, according to the Office of the Director of National Intelligence (ODNI).
Cyberspace often feels disconnected from our physical environment, but as noted in the Department of Homeland Security’s 2025 Homeland Threat Assessment, the barrage of attacks from nation-state-sponsored and other adversaries has real-world consequences—disrupting essential services, endangering lives and undermining our military readiness.
Consider that with just one recent cyber-attack team, Volt Typhoon, China has embedded malicious software deep within our critical infrastructure, positioning itself to disrupt vital systems at will, according to the Cybersecurity and Infrastructure Security Agency. In any other domain, such hostile actions would trigger immediate consequences.
Our approach to cybersecurity must reflect the seriousness of these threats.
Silently accepting the compromise of our safety and security by malicious actors is unnecessary and strategically imprudent. For instance, hackers successfully infiltrated U.S. Treasury Department computer systems in late 2024. The action was attributed to China, which did not deny it. While China stole information about U.S. taxpayers, the U.S. made no public response.
Escalate deterrence measures now
Given that technology now empowers us to precisely attribute the source of attacks, failing to respond is tacit acceptance of current and future attacks. We must escalate deterrence measures along with implementing cyber defenses. We must affirmatively declare that an attack is occurring, attribute who it is coming from and clearly state that we will use all available means to defend ourselves.
If we don’t draw that line in the cyber sand, there will be no incentive for bad actors to stop.
It is also critical for the government to inform the American public of specific threats and why a threat matters to them. A good example is the ongoing controversy around the Chinese app TikTok used by millions of Americans.
Former Federal Bureau of Investigation (FBI) Director Christopher Wray noted that TikTok represents several threats from the Chinese government – unauthorized observation and collecting of American citizens’ data, potential algorithm manipulation, disinformation campaigns and more.
Assuming a wartime footing would enable the federal government to mandate that, because we are in a cyber war and are being attacked by countries attempting to undermine the safety of our infrastructure (including communications networks), U.S. citizens are not allowed to download TikTok or any other apps owned by U.S. adversaries.
While such a move might be temporarily unpopular, it would be understandable.
The government does not have the capacity or capability to defend all of the critical infrastructure in the country, much of which is privately held. What it can do is lead, issuing a call to arms that gets all sectors contributing to the common defense.
Nation needs to rally against the threat
Think back to World War II when the country rallied together and cooperated for the common good in a way far beyond “normal” times. That sense of government and industry cooperation is urgently needed for the cyber wartime in which we now exist. The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security tasked with defending against current threats and collaborating with industry to build more secure and resilient infrastructure for the future, is the ideal agency to lead the charge.
Effective cyber deterrence and defense also require technology, for use by both private sector and government organizations managing critical infrastructure. Many technologies are already in use, including cryptography, anti-tamper, cross domain solutions and more.
Unfortunately, these solutions are typically siloed in different government deployments with differing requirements, approval and testing methodologies and certifying offices. That leaves gaps for attackers to exploit what are basically bureaucratic and documentation fissures. Quite simply, attackers go around identifiable defenses and find vulnerable places to attack. Remedying that requires siloed defenses to be brought together with haste.
The pace of innovative attacks counters the reality of federal bureaucracy.
A recent but now-rescinded executive order to promote cybersecurity innovation, while well-intentioned, would have added requirements and lethargy to an already massive collection of guidelines that govern federal contracting, known as Federal Acquisition Regulations. More rules would only impede, not accelerate, the typical three- to five-year window needed for development, acquisition and deployment of cyber solutions that are urgently needed now.
This burdensome acquisition system keeps the government on a continuous cycle of technology obsolescence. What’s more, it results in the government being denied potentially ground-breaking innovations from companies that lack the required administrative resources or that cannot sustain themselves through years of waiting.
Whether we can physically touch it or not, the cyber war is real. This moment requires clear communications to our citizens, explaining what the threats are and how to take precautions, and also to our adversaries, calling out their actions and declaring our refusal to accept them.
We must urgently pull together and enable both a posture of deterrence and a structure for rapid response.