China's silent invasion: hackers embedded in America's critical infrastructure

Force in Play

Volt Typhoon and Salt Typhoon campaigns position Beijing to disrupt power, water, and communications during a Taiwan crisis

January 17th, 2025: Treasury Sanctions Chinese Cyber Company

Overview

Chinese hackers have burrowed deep into America's power grids, water systems, telecommunications networks, and transportation infrastructure—not to steal secrets, but to flip a kill switch. The Pentagon's December 2024 report confirms Beijing expects to fight and win a war over Taiwan by 2027.

Volt Typhoon has pre-positioned capabilities to shut down pipelines, derail trains, and sever communications between the mainland and Hawaii. In a secret December Geneva meeting, Chinese officials indirectly admitted that Volt Typhoon attacks were linked to U.S. support for Taiwan. It's the first time Beijing has acknowledged involvement.

FBI teams found Volt Typhoon malware lurking in critical systems for at least five years. Salt Typhoon compromised at least nine major U.S. telecom providers, including AT&T and Verizon, accessing call records of over a million Americans and wiretapping phones belonging to presidential campaign staff. Salt Typhoon also breached the Treasury Department in December, accessing unclassified documents from Secretary Yellen's workstation.

FBI Director Christopher Wray told Congress that Chinese cyber operatives outnumber FBI cyber personnel 50 to 1. U.S. officials admit they still cannot fully eradicate the hackers from compromised networks. Taiwan reported cyberattacks doubled to 2.4 million daily in 2024, with coordinated strikes timed to Chinese military drills.

Key Indicators

- 50:1, Chinese hackers vs. FBI cyber personnel: FBI Director Wray's estimate of the numerical advantage Chinese cyber operators hold over US defenders
- 600+, China's operational nuclear warheads: Pentagon estimates arsenal will exceed 1,000 by 2030, part of broader military modernization
- 9+, US telecom companies compromised: Salt Typhoon accessed AT&T, Verizon, T-Mobile, and at least six others; ninth victim disclosed Dec 2024
- 2027, China's Taiwan invasion readiness target: Pentagon reports PLA aims to achieve capability for 'strategic decisive victory' over Taiwan
- $11B, Recent US arms sales to Taiwan: December 2024 package includes HIMARS, drones, and howitzers; $21.5B backlog remains undelivered
- 2.4M, Daily cyberattacks on Taiwan: Taiwan's National Security Bureau reports attacks doubled in 2024, with China responsible for most

Organizations Involved

Volt Typhoon
State-sponsored hacking group (China)
Active since at least 2021, ongoing threat to US infrastructure

Chinese state-sponsored hacking group embedding malware in US critical infrastructure to enable wartime disruption, not espionage.

Salt Typhoon
Advanced Persistent Threat Group
Active since 2022, still embedded in US telecom networks as of late 2024

Chinese espionage group that compromised nine US telecommunications companies, accessing call metadata and audio of high-profile targets.

Cybersecurity and Infrastructure Security Agency (CISA)
Federal Agency
Lead agency for critical infrastructure cybersecurity defense

Federal agency responsible for protecting US critical infrastructure from cyber and physical threats.

U.S. Department of Defense
Federal department
Publishing annual assessments of Chinese military capabilities

Cabinet department overseeing US military, tracking Chinese military modernization and cyber threats.

Silk Typhoon
State-sponsored hacking group (China)
Linked to December 2024 Treasury Department breach

Chinese hacking group linked to the December 2024 Treasury Department breach that accessed unclassified documents from senior officials.

Sichuan Juxinhe Network Technology Co.
Chinese Technology Company (Sanctioned)
Sanctioned by U.S. Treasury on January 17, 2025

Sichuan-based cybersecurity firm sanctioned for direct involvement in Salt Typhoon telecommunications breaches.

Taiwan National Security Bureau
Government Intelligence Agency
Reporting surge in Chinese cyberattacks against Taiwan

Taiwan's primary intelligence agency responsible for national security and counterintelligence.

Timeline

March 2018 to January 2025

  1. Treasury Sanctions Chinese Cyber Company

    Latest Sanctions

    US imposes sanctions on Sichuan Juxinhe Network Technology Co. for direct involvement in Salt Typhoon exploitation of telecommunications and internet service providers.

  2. Taiwan Reports Cyberattacks Doubled in 2024

    Intelligence

    Taiwan's National Security Bureau reports daily cyberattacks jumped from 1.2 million to 2.4 million in 2024, with China's 'cyber force' responsible for most attacks coordinated with military drills near the island.

  3. Outbound Investment Restrictions Take Effect

    Regulation

    Treasury Department's final rule establishing Outbound Investment Security Program goes into force, requiring notification or prohibition of US investments in Chinese sensitive technology sectors.

  4. Pentagon Releases China Military Power Report

    Assessment

    Annual report warns Volt Typhoon cyber operations embedded in US infrastructure aim to disrupt military response during Taiwan crisis. Confirms China expects to achieve invasion capability by 2027 with over 600 nuclear warheads and growing.

  5. Massive $11 Billion Arms Package to Taiwan

    Military

    Trump administration announces one of the largest arms sales in history: 82 HIMARS systems, 420 ATACMS missiles, 60 howitzers, and advanced drones to bolster Taiwan's defense capabilities.

  6. Treasury Department Breach Begins

    Cyber Operations

    Chinese hackers exploit BeyondTrust remote support software to gain access to Treasury Department workstations, accessing unclassified documents from Secretary Yellen and other senior officials.

  7. China Indirectly Admits Volt Typhoon in Geneva Meeting

    Diplomacy

    In secret Geneva meeting, Chinese Foreign Ministry official Wang Lei makes indirect but startling admission linking Volt Typhoon cyberattacks to U.S. support for Taiwan, first acknowledgment of Beijing's involvement.

  8. $385 Million Taiwan Arms Sale Approved

    Military

    Biden administration approves weapons package including F-16 spare parts and support, marking 18th arms deal to Taiwan during his presidency amid intensifying cross-strait tensions.

  9. CISA Chief Calls CrowdStrike Outage 'Dress Rehearsal'

    Statement

    Easterly warns that July's CrowdStrike software update—which grounded flights and crashed hospital systems—previews the chaos China could unleash by targeting infrastructure during conflict.

  10. Five Eyes Joint Advisory Issued

    Intelligence

    US, UK, Canada, Australia, and New Zealand publish coordinated cybersecurity advisory detailing Volt Typhoon tactics and urging critical infrastructure operators to hunt for compromise indicators.

  11. FBI Director Warns Congress of Infrastructure Threat

    Congressional Testimony

    Christopher Wray testifies that Chinese hackers are positioning to 'wreak havoc' on US critical infrastructure during Taiwan conflict. FBI announces court-authorized operation disrupted Volt Typhoon botnet on hundreds of routers.

  12. CISA Director: 'Tip of the Iceberg'

    Congressional Testimony

    Jen Easterly tells lawmakers that Volt Typhoon intrusions found across multiple critical infrastructure sectors represent only a fraction of the threat, warning 'very basic' security flaws enabled penetration.

  13. Biden Issues Outbound Investment Executive Order

    Regulation

    President announces restrictions on US investment in Chinese companies developing sensitive technologies including semiconductors, quantum computing, and artificial intelligence.

  14. Volt Typhoon Publicly Disclosed

    Intelligence

    Microsoft and Five Eyes intelligence agencies publish joint advisory revealing Chinese state-sponsored actors embedded in US critical infrastructure since at least mid-2021.

  15. Sweeping Semiconductor Export Controls

    Regulation

    Commerce Department implements dramatic export restrictions on advanced computing chips and manufacturing equipment to China, aiming to foreclose Beijing's ability to develop cutting-edge semiconductors.

  16. CHIPS Act Signed Into Law

    Legislation

    Biden signs $52 billion semiconductor manufacturing incentive package with restrictions barring recipients from expanding advanced chip production in China for ten years.

  17. Salt Typhoon Telecommunications Campaign Begins

    Cyber Operations

    Chinese hackers begin multi-year operation to penetrate US telecommunications providers, eventually compromising nine major carriers.

  18. Volt Typhoon Campaign Begins (Estimated)

    Cyber Operations

    Chinese state-sponsored hackers begin infiltrating US critical infrastructure systems including energy, water, communications, and transportation networks.

  19. Trump Administration Launches China Trade War

    Economic

    US imposes tariffs on $250 billion of Chinese imports after Section 301 investigation, marking an escalation of strategic competition beyond traditional security domains into technology and trade.

Historical Context

3 moments from history that rhyme with this story — and how they unfolded.

2010

Stuxnet: The First Cyber Weapon (2010)

The US and Israel deployed the Stuxnet worm against Iran's Natanz uranium enrichment facility, marking the first cyberattack that caused physical destruction of industrial infrastructure. The sophisticated malware infiltrated air-gapped systems via infected USB drives, altered programmable logic controllers, and destroyed 984 centrifuges by spinning them irregularly. Iran's nuclear program was set back at least a year without a single bomb dropped or missile fired.

Then

Delayed Iranian nuclear weapons development; demonstrated feasibility of cyber-kinetic attacks.

Now

Opened Pandora's box of state-sponsored infrastructure cyberattacks; established precedent nations now invoke to justify offensive operations.

Why this matters now

Stuxnet proved cyberweapons can achieve strategic military objectives without traditional force. Volt Typhoon represents the mirror image: instead of destroying enemy infrastructure, China is pre-positioning to destroy American infrastructure, potentially with far broader civilian impact than Stuxnet's surgical targeting.

1947-1991

Cold War Soviet Espionage and Infrastructure Targeting

Soviet intelligence services conducted extensive espionage operations inside the United States, stealing atomic bomb secrets, infiltrating government agencies, and mapping critical infrastructure. Unlike today's cyber operations, Soviet spies relied on human intelligence networks and attempted to sabotage diplomatic relationships. The KGB's focus on science, technology, and military secrets paralleled current Chinese cyber-espionage priorities, though the methods differed dramatically.

Then

USSR successfully stole nuclear weapons technology, accelerating their atomic bomb program by years.

Now

Espionage rivalry persisted throughout the Cold War; many techniques and intelligence priorities continued into post-Soviet Russian operations.

Why this matters now

Today's US-China competition echoes Cold War dynamics: ideological adversaries, nuclear arsenals, global spheres of influence, and espionage focused on technological advantage. But China's cyber pre-positioning in civilian infrastructure is unprecedented—the Soviets never had the capability to remotely shut down American power plants from Moscow.

December 7, 1941

Pearl Harbor and Homeland Vulnerability (1941)

Japan's surprise attack on Pearl Harbor killed 2,403 Americans, destroyed or damaged 19 ships and 328 aircraft, and shocked a nation that felt protected by two oceans. The attack demonstrated that geographic isolation no longer guaranteed security. It galvanized American entry into World War II and led to massive military mobilization and infrastructure hardening.

Then

US declared war on Japan; temporarily lost naval superiority in the Pacific; faced military mobilization challenges.

Now

Transformed American strategic culture from isolationism to global engagement; established forward military presence as deterrence doctrine.

Why this matters now

Volt Typhoon represents a 21st-century Pearl Harbor scenario: a surprise attack on American homeland infrastructure designed to delay military response during a Pacific conflict. The difference is that Chinese hackers are already inside the target systems, waiting. The attack could begin before the first shot is fired over Taiwan.
