The White House’s outgoing cyber czar, Harry Coker, called for three key things to meet the growing threat of digital attacks: more funding, deregulation and opening up cyber jobs to those without college degrees.

As adversaries like Iran, China and Russia lob near-constant attacks on the U.S. digital infrastructure, "we have to prioritize cybersecurity within federal budgets" President Joe Biden’s national cyber director said at an event with the Foundation for Defense of Democracies in Washington, D.C.

"I would love for the incoming administration, or any administration, to recognize the priority of cybersecurity," Coker said. 

He added that he understands the U.S. is in a "tough budget situation."

"I get that, and I support making progress towards reducing the deficit, but we have to prioritize cybersecurity within our current budgets," he said.

At the same time, the Biden appointee railed against "duplicative federal regulation" and said he’d heard from those working to protect the nation’s online infrastructure that they spend "a staggering 30 to 50%" of their time working to comply with regulation, rather than ensuring protection from hacks.

"Armed with the industry's call to streamline, we worked with Congress to write bipartisan legislation that would bring all stakeholders, including independent regulators, to the table to advance the regulatory harmonization," he went on.

TOP REPUBLICAN DEMANDS 'COSTS' FOR CHINA AFTER IT HACKED TREASURY DEPT IN YEAR MARKED BY CCP ESPIONAGE

"Many of us were disappointed that this has not become law yet, but we have laid the groundwork for the next administration in Congress to do the right thing for our partners in the private sector."

His urging comes as the U.S. is grappling with the fallout of one of China’s biggest attacks on American infrastructure in history, dubbed Salt Typhoon. 

A Chinese intelligence group infiltrated nine U.S. telecommunications giants and gained access to the private text messages and phone calls of Americans, including senior government officials and prominent political figures. 

The Salt Typhoon hackers also gained access to an exhaustive list of phone numbers the Justice Department had wiretapped to monitor people suspected of espionage, granting them insight into which Chinese spies the U.S. had caught onto and which they had missed.

FBI'S NEW WARNING ABOUT AI-DRIVEN SCAMS THAT ARE AFTER YOUR CASH

China was also behind a "major" hack of the Treasury Department in December, gaining access to unclassified documents and the workstations of government employees. 

And earlier this year, Commerce Secretary Gina Raimondo’s communications were intercepted by Chinese intelligence, just as she was making determinations about new export controls on semiconductors and other key technologies. The same hacking group also targeted officials at the State Department and members of Congress.

Amid this onslaught of attacks, Coker said the cyber industry is suffering a recruitment issue. 

"Today there are nearly 500,000 open cyber jobs in this great nation," he said. 

"The federal government is leading by example… removing federal employee and contractor hiring from a focus on college degrees to a focus on what we're really after: skills.

"When we do away with the four-year college degree requirement, we expand our talent pool," Coker went on. "Many Americans don't have the time or the means to go to college for four years, but they can do it for two years or less."

China was behind a "major" hack of the Treasury Department, the Biden administration said Monday, gaining access to unclassified documents and the workstations of government employees. 

After a year fraught with hacking across all government agencies, China experts say it’s time to get serious about thwarting adversarial espionage. 

"The latest intrusion should not come as a surprise. For too long, the CCP has paid no real price for its increasingly aggressive intrusions into our homeland and networks," Rep. John Moolenaar, R-Mich., chairman of the House China Select Committee, told Fox News Digital. 

"It is time for Congress and the incoming Trump administration to impose escalating costs to deter the CCP." 

It’s not yet clear what exactly the hackers were seeking. The Treasury houses sensitive data about global financial systems, as well as estimates about China’s ailing economy. It also carries out sanctions on Chinese companies, as well as those aiding Russia in the war on Ukraine.

"Even though the Treasury says the Chinese only got unclassified documents, we’ve got to remember that a hack of the Treasury sends shudders not just across the U.S., but across the world. Countries rely on the dollar, can you rely on the stability of the American financial markets?" said China expert Gordon Chang. 

CHINA DIRECTS LARGEST MILITARY BUILD-UP SINCE 1930S NAZI GERMANY, EXPERT WARNS, CITING PENTAGON REPORT

Treasury was notified by a service provider of the breach on Dec. 8, and all systems affected were taken offline. China called the accusation that it was behind the act "baseless" and said it "consistently opposes all forms of hacking."

Despite China’s denial, the Treasury insisted a Chinese state-sponsored actor was behind the attack. Chang suggested Xi may have intended to get caught to send a message to the world. 

"We can't actually exclude the possibility that the Chinese wanted to be caught because they wanted to actually create uncertainty around the world. They wanted to show the world that the United States is not safe — their networks are not good, the Chinese control them at will."

STATE ATTORNEYS GENERAL ASK SCOTUS TO UPHOLD TIKTOK DIVEST-OR-BAN LAW AMID TRUMP REQUEST TO PAUSE BAN

Just weeks ago, President-elect Donald Trump seemed to be making an attempt to smooth over relations with China with an invitation to President Xi Jinping for his inauguration. But the recent hacking attempt suggests such efforts might be futile, according to Chang. 

"American presidents had tried preemptive concessions to China for decades. They've not resulted in benefits to us. And the reason is because the Chinese don't reciprocate them," he said.

Earlier this year, Commerce Secretary Gina Raimondo’s communications were intercepted by Chinese intelligence, just as she was making determinations about new export controls on semiconductors and other key technology. The same hacking group also targeted officials at the State Department and members of Congress.

And the Treasury hack comes just as the Biden administration is grappling with one of China’s biggest attacks on American infrastructure in history, dubbed Salt Typhoon. 

A Chinese intelligence group infiltrated nine U.S. telecommunications giants and gained access to the private text messages and phone calls of Americans, including senior government officials and prominent political figures. 

The Salt Typhoon hackers also gained access to an exhaustive list of phone numbers the Justice Department had wiretapped to monitor people suspected of espionage, granting them insight into which Chinese spies the U.S. had caught onto and which they had missed.

The onslaught of cyberattacks has prompted frustration — and raised questions — about cybersecurity and why America's adversaries are able to penetrate U.S. government systems with regularity.

"The American people should be angry at the Chinese for hacking us, but they should be outraged at our political leaders because our political leaders know what's going on. They have the means to protect us, and they have decided not to do so," said Chang. 

Last week, incoming national security adviser Rep. Mike Waltz, R-Fla., suggested the U.S. needed to not only play defense but go on offense to the attacks. 

"We have to stop trying to just play better and better defense," he told Fox Business' Maria Bartiromo. "We need to start going on offense."

"We need to start imposing consequences for those that are stealing our technology, spying on us, and now with a program called Volt Typhoon, is putting cyber time bombs on our critical infrastructure, like our water, our grid and our ports," Waltz said.

"America can’t afford to just play defense on cyber anymore. We’ve got to go on the offensive and impose COSTS on those who are stealing our technology and attacking our infrastructure," he added on X.

Trump has proposed a 60% tariff on U.S. imports from China. Last month, the Biden administration issued its most stringent crackdown yet on China's semiconductor industry with the intent of hindering its ability to develop AI for modern military uses.

The White House said Friday that a ninth U.S. telecommunications company has been hacked as part of a Chinese espionage campaign that gave the country's officials access to private texts and phone conversations of Americans.

The Biden administration said earlier this month that at least eight telecommunications companies and dozens of nations had been impacted by the Chinese hacking operation known as Salt Typhoon.

On Friday, deputy national security adviser Anne Neuberger told reporters that a ninth victim had been identified after the administration released guidance to companies about how to locate Chinese hackers in their networks.

The hackers compromised the networks of telecommunications companies to gather customer call records and access the private communications of a limited number of people, officials said.

CHINA WARNS US TO STOP ARMING TAIWAN AFTER BIDEN APPROVES $571M IN MILITARY AID

The FBI has not publicly identified any of the victims, but officials believe senior U.S. government officials and prominent political figures are among the victims whose communications were accessed.

Neuberger said officials did not yet have a precise sense of how many Americans overall were targeted by Salt Typhoon, in part because the hackers were careful about their methods, but she said that a "large number" of the victims were in Washington, D.C., and Virginia.

TRUMP SAYS FATE OF TIKTOK SHOULD BE IN HIS HANDS WHEN HE RETURNS TO WHITE HOUSE

Officials said they believe the hackers wanted to identify who owned the devices and spy on their texts and phone calls if they were "government targets of interest," Neuberger said.

Most of the victims are "primarily involved in government or political activity," the FBI said.

Neuberger said the hacking showed the need for required cybersecurity practices in the telecommunications industry, which the Federal Communications Commission is set to look at during a meeting next month.

CLICK HERE TO GET THE FOX NEWS APP

She also said, without offering details, that the government was planning further action in the coming weeks in response to the hacking campaign, though she did not say what they were.

"We know that voluntary cybersecurity practices are inadequate to protect against China, Russia and Iran hacking of our critical infrastructure," she said.

The Chinese government has denied responsibility for the hacking campaign.

Cybersecurity has been a major subject of discussion in recent years, with purported Chinese spy balloons floating overhead, a major Appalachian oil pipeline hacked with ransomware and questions about mysterious drones over New Jersey skies. 

But one overlooked area of focus in this regard is agriculture, several prominent figures have said — especially with America’s ag states primed to lend their top political leaders to Washington in the new year.

Dakota State University President Jose-Marie Griffiths told Fox News Digital how important the heartland has become geopolitically, with several Dakotans gaining leadership or cabinet roles in the new year — including Sen. Mike Rounds, R-S.D., chairing the Senate Armed Services Subcommittee on Cybersecurity.

"I said quite a lot in the past and in [congressional] testimony about my concerns about agriculture and food production’s critical infrastructure, which came rather late to the cybersecurity critical infrastructure table," Griffiths said.

INFLATION, SUSTAINABILITY AND GLOBALISM ARE POTENTIAL DEATH SENTENCE TO US AG: FARMERS

"People [will] start to realize the agricultural vehicles they're using increasingly are autonomous and connecting to broadband [via] satellite — and other ways that these become vulnerable. And for people who wish to do us harm, they're exploiting vulnerabilities as much as they can."

Residents across the heartland pay much more attention to the threats China and other rivals pose to the U.S. agriculture sector, she said. 

With advancements in technology, hackers can now find their way into harvesters, granaries and the nation’s freight-train network, Griffiths and Rounds said separately.

Whether the cash crop is Pennsylvania potatoes, Florida oranges or Dakotan wheat, all are crucial to the U.S. economy and supply chain, and all can be subject to cyberthreats, Griffiths suggested.

Rounds told Fox News Digital he has studied for some time the potential vulnerabilities of the American agriculture sector when it comes to foreign actors and cybersecurity.

"It’s more than just the vehicles and so forth," he said.

"A lot of it has to do with the infrastructure that we rely on. A good example is your water systems; your electrical systems... All of those right now are connected and they all have cyber-points-of-entry. 

"And so, we have been, for an extended period of time, looking at threats that could come from overseas by adversaries that would like to infiltrate not only the water supplies, but also the electrical systems… and in some cases, sewer systems."

Rounds said he and other lawmakers have been focused on where malign actors can proverbially "shoot the arrows at us," and figure out who they are and how to stop them.

GREEN GOVERNANCE IS THE NEW GUISE FOR MERCANTILISM, WILL LEAD TO GLOBAL INSTABILITY: KEVIN ROBERTS

He said the Chinese firm Huawei had been selling cheap hardware to rural telecom entities and could be able to infiltrate communications systems.

"Once we found out that that was in there… that they could be putting in latent materials that could be activated at a later date, we've gotten most of them pulled out. But that's just one example of the ways in which rural areas can be a way into the rest of our communication systems," he said.

Rounds said drones are becoming increasingly used in agriculture, and they, too, have the danger of being hacked.

Vehicles like harvesters and tractors have also greatly advanced technologically in the near term and face similar challenges.

"A lot of that right now is done with GPS. You get into your tractor, you plug it in and basically it'll drive it for you. We leave people in those tractors, but at some stage of the game, some of those might very well become autonomous as well — and they're subject to cyber-intervention…" he said.

Grain elevators also can be interfered with, which stymies marketing and transportation, and endangers the greater supply chain and the ability for a farmer to sell on the open market, Rounds said.

Asked if he preferred today’s agriculture sector to the era before automation, Rounds said it’s not about what he thinks, but what is going to happen in the future.

"We will have more and more autonomous vehicles being used in farming. And the reason is we don't have the manpower — and we replace it with machinery. The machinery is going to get bigger. It's going to become more sophisticated, and we're going to be expected to do more things with fewer people actually operating them.," he said.

"The supply chain is so critical. We rely on autonomy in many cases for a lot of the delivery of our resources, both to the farmer, but also back out from the farmer in terms of a commodity that he wants to market."

CLICK HERE TO GET THE FOX NEWS APP

If that new technologically-advanced system malfunctions or is hacked, it will greatly disrupt the ability to provide the raw materials to the people and companies "actually making the bread" and such.

Amit Yoran, CEO of exposure management firm Tenable, recently testified before the House Homeland Security Committee and spoke at length about cyber threats to critical U.S. infrastructure.

Asked about cybersecurity in the agriculture realm, Yoran told Fox News Digital recently that there is "no singular defense paradigm that could effectively be applied across all sectors."

"Some critical infrastructure providers have a high degree of cybersecurity preparedness, strong risk understanding and risk management practices, and very strong security programs. Others are woefully ill-prepared," said Yoran, whose company is based in Howard County, Maryland.

China is the most active and persistent cyberthreat to American critical infrastructure, but that threat has changed over the last two decades, the Cybersecurity and Infrastructure Security Agency (CISA) says.

"I do not think it is possible to design a foolproof system, but I do not think that should be the goal. The goal should be to make it very difficult to get in," Cris Thomas, sometimes known as Space Rogue, a member of L0pht Heavy Industries, said during testimony before the Governmental Affairs Committee May 19, 1998.

L0pht Heavy Industries was part of one of the first congressional hearings on cybersecurity threats. Members of the group warned it was possible to take down the internet in 30 minutes and that it was nearly impossible to make a defense system that was 100% foolproof. It also had difficulties when it came to tracking where threats came from.

FBI, CISA SAY CHINESE HACKERS BREACHED MULTIPLE US TELECOM PROVIDERS IN TARGETED ATTACK

"Backtracking and reverse hacking is a relatively tricky area. Based upon the relatively antiquated protocols that you are dealing with, there is not a tremendous amount of information as to where things came from, just that they came," said another member of the group, Peiter Zatko, who testified under his codename, "Mudge."

By the time the hearing took place, China was likely already at work. In the early 2000s, the U.S. government became aware of Chinese espionage targeting government entities. One string of operations known as Titan Rain started as early as 2003 and included hacks on the U.S. departments of State, Homeland Security and Energy. The public became aware of the attacks several years later.

Around that time, the current CISA Director, Jen Easterly, was deployed to Iraq to investigate how terrorists were using new technology.

"I actually started in the world of counterterrorism, and I was deployed to Iraq and saw how terrorists were using communications technologies for recruitment and radicalization and operationalizing improvised explosive devices," Easterly said.

T-MOBILE HACKED BY CHINESE CYBER ESPIONAGE IN MAJOR ATTACK ON US TELECOMS

At that time the U.S. government was investing in cyberwarfare. The Bush administration had ordered studies on computer network attacks, but officials eventually expressed concern over the amount of damage those attacks could cause. Instead, the U.S. moved to a more defensive posture that focused on defending against attacks.

"When I stood at the Army's first cyber Battalion and was involved in the stand-up of U.S. Cyber Command, we were very focused on nation-state adversaries," Easterly said. "Back then, China was really an espionage threat that we were focused on."

Threats from China would eventually intensify. According to the Council on Foreign Relations’ cyber operations tracker, in the early 2000s, China’s cyber campaigns mostly focused on spying on government agencies.

"Officials have rated China's aggressive and wide-ranging espionage as the leading threat to U.S. technology," Sen. Kit Bond, R-Mo., warned in 2007.

By then, China had a history of spying on U.S. innovation and using it to replicate its own infrastructure. In 2009, Chinese hackers were suspected of stealing information from Lockheed Martin’s Joint Strike Fighter Program. Over the years, China has debuted fighter jets that look and operate like U.S. planes.

CHINESE HACKERS OUTNUMBER FBI CYBER PERSONNEL ‘BY AT LEAST 50 TO 1,’ WRAY TESTIFIES

"China is the preeminent threat to the U.S.," Easterly said. "We are laser-focused on doing everything we can to identify Chinese activity, to eradicate it and to make sure we can defend our critical infrastructure from Chinese cyber actors."

In 2010, China shifted its targets to the public sector and began targeting telecommunications companies. Operation Aurora was a series of cyberattacks in which actors conducted phishing campaigns and compromised the networks of companies like Yahoo, Morgan Stanley, Google and dozens more. Google left China after the hacks and has yet to return its operations to the country. By the turn of a new decade, evidence showed China was also spying on critical infrastructure in the U.S. and abroad.

"Now we are looking at them as a threat to do disruptive and destructive operations here in the U.S. That is really an evolution that, frankly, I was not tracking and was pretty surprised when we saw this campaign," Easterly said.

The Council on Foreign Relations Cyber Operation Tracker reveals China has frequently targeted trade operations and military operations in the South China Sea, and one of its favorite targets in the past decade has been Taiwan.

"We have seen these actors burrowing deep into our critical infrastructure," Easterly said. "It's not for espionage, it's not for data theft. It's specifically so that they can launch disruptive or destructive attacks in the event of a crisis in the Taiwan Strait."

Taiwan is the world’s largest producer of semiconductors, and data shows how China has spied on all companies involved in all parts of that supply chain from mining to semiconductor producers.

"A war in Asia could have very real impacts on the lives of Americans. You could see pipelines blowing up, trains getting derailed, water getting polluted. It really is part of China's plan to ensure they can incite societal panic and deter our ability to marshal military might and citizen will. This is the most serious threat that I have seen in my career," Easterly said.

China’s public and private sector are closely intertwined by regulation, unlike in the U.S., where partnerships are key for defense.

"At the end of the day, it is a team sport. We work very closely with our intelligence community and our military partners at U.S. Cyber Command. And we have to work together to ensure that we are leveraging the full tools across the U.S. government and, of course, working with our private sector partners," Easterly said. 

"They own the vast majority of our critical infrastructure. They are on the front lines of it. And, so, ensuring that we have very robust operational collaboration with the private sector is critical to our success in ensuring the safety and security of cyberspace."

The prolific hacking group broke into Caesars Entertainment, Coinbase, DoorDash, Mailchimp, Riot Games, Twilio (twice), and dozens more. 

© 2024 TechCrunch. All rights reserved. For personal use only.

The five alleged hackers are accused of stealing millions of dollars in crypto, and corporate data from several victims all over the world.

© 2024 TechCrunch. All rights reserved. For personal use only.