#cyberwarefare

The classic strategists understood that modern conflict increasingly reaches beyond battlefields and into the economic, informational, and technological systems that societies depend on. Chinese thinkers who wrote Unrestricted Warfare argued that non-kinetic instruments — a stock-market panic, a crippling malware, or a targeted disinformation campaign — can be wielded as “weapons” to inflict both material and psychological damage. Their prescription was blunt: don’t try to fight with yesterday’s weapons; build the weapons (and the doctrine) that fit the fight.

That framework is not abstract. U.S. and allied agencies have publicly warned that Beijing has mapped and pre-positioned access into networks that underpin civil life and military operations — communications backbones, energy grids, water systems, and satellite links. The Office of the Director of National Intelligence’s 2025 Annual Threat Assessment explicitly warned that, “if Beijing believed that a major conflict with Washington was imminent, it could consider aggressive cyber operations against U.S. critical infrastructure and military assets” to slow decisions, induce panic, and disrupt force deployments. Director of National Intelligence

Two named campaigns — Salt Typhoon and Volt Typhoon — illustrate the danger at scale. U.S. authorities and analysts attribute wide-reaching intrusions into telecommunications and other infrastructure to China-linked actors; those intrusions have been described in government advisories and congressional analyses as capable of being escalated into disruptive or destructive operations. Volt Typhoon in particular has been publicly tied to long-dwell compromises of energy, water, and communications firms across the United States. Congress.gov+2CISA+2

China’s approach to space similarly mirrors its cyber posture: it develops lower-cost asymmetric means to “level” capabilities against a technologically superior opponent — jammers, directed-energy systems, robotic servicers or manipulators on orbit, and anti-satellite tools that can degrade sensors and communications. In military parlance these are tools to sever the adversary’s kill chain: deprive them of sensing, command, and connectivity and you blunt their ability to operate effectively. Several U.S. senior officials and agencies have flagged space vulnerabilities as a critical national security concern. House Armed Services Committee+1

Who does what — practical roles for U.S. agencies, services, and industry

Below I recast the threat into responsibilities: who should do what before, during, and after a sophisticated cyber or space-domain campaign.

CISA (Cybersecurity and Infrastructure Security Agency) CISA is the linchpin for defensive collaboration between federal government, state/local partners, and private owners/operators of critical infrastructure. Its missions include issuing advisories, coordinating incident response, running vulnerability assessment programs, and standing up shared defensive services. Public CISA advisories have been central to naming and mitigating China-linked activity (e.g., Volt Typhoon / Salt Typhoon reporting). That said, policy choices that shrink CISA’s capacity — hiring freezes or layoffs — directly reduce the federal government’s ability to provide timely threat hunting, warnings, and technical assistance to utilities and service providers. Strengthening CISA’s remit (and funding) is therefore one of the highest-leverage defensive actions. CISA+1

Department of (War) — Department of Defense & U.S. Cyber Command (Technically the “Department of War” is a historical term; today the Department of Defense and its subordinate commands — notably U.S. Cyber Command) maintain the nation’s offensive and defensive military cyber options and task forces. Their functions in a crisis include threat attribution support, active cyber operations to hold adversary networks at risk, defensive cyber support to military and joint forces, and integration of cyber effects into combined arms planning. In short: DoD and Cyber Command deter and, if necessary, respond in the military domain to preserve force mobility and decision-timeliness.

NSA (National Security Agency) NSA is the U.S. government’s signals-intelligence and cryptologic authority. NSA’s role spans intelligence collection, foreign-cyber threat characterization, network-defense tooling (e.g., signature development, analytic tradecraft), and securing U.S. government communications. During complex intrusions, NSA provides deep-technical attribution, vulnerability discovery, and classified reporting that informs both military and civilian responses.

CIA (Central Intelligence Agency) CIA specializes in foreign human intelligence, covert collection, and long-term analytic judgments about adversary intent and capability. For cyber and space contingencies, CIA helps map foreign plans and proxy networks, supports covert options to disrupt adversary preparations, and supplies policymakers with strategic warning and context that complements NSA technical traces.

U.S. Space Force As the military service responsible for organizing, training, and equipping space forces, Space Force leads efforts to defend U.S. satellites and space-enabled services. That includes doctrine development for space conflict, exercises (e.g., Schriever Wargames), resilience measures (on-orbit redundancy, maneuverability, hardened command links), and integration with terrestrial cyberdefenses—because many attacks that affect space capabilities begin in ground networks or comms links.

NASA NASA’s civilian space expertise is essential for resilience in civil and dual-use space systems. NASA contributes scientific and engineering knowledge for satellite design, space situational awareness, and cooperative norms in space operations. Its role in a crisis is largely supportive—helping preserve civil space capabilities, advising on spacecraft survivability, and collaborating on scientific sensors that might provide redundancy for communication or Earth observation services.

SpaceX and commercial space actors Commercial space firms like SpaceX operate critical infrastructure — from launch services to orbital platforms and global satellite internet constellations. Their operational networks and ground stations are potential attack surfaces and also key resiliency assets. Public-private integration of defense and commercial capabilities (secure telemetry, hardened ground infrastructure, rapid reconstitution of capacity, and mutual assistance agreements) will be essential. Industry can move faster than government to engineer redundancy (e.g., flexible routing across constellations) and to help restore services after disruption.

Grand strategy: integrating intelligence, defense, resilience, and deterrence

A credible national posture must combine four lines of effort:

Harden and compartmentalize — CISA, DoD, and industry must enforce defenses, segmentation, zero-trust architectures, and rapid access removal for attackers found in networks. Public advisories and joint mitigation playbooks (e.g., signatures for living-off-the-land activity) accelerate the defensive response. CISA

Detect and attribute quickly — NSA, FBI, and CIA need to accelerate attribution and expose adversary tactics publicly (naming campaigns, publishing indicators) so defenders can scrub compromises before they become weaponized. Public attribution raises the cost of aggression.

Deter aggregately — deterrence must be multi-domain: hold adversary cyber and space assets at risk (DoD/Cyber Command), threaten proportional covert options (CIA), and impose economic, diplomatic, and legal consequences. Deterrence credibility grows when defensive hardening reduces the payoff of offensive intrusions.

Resilience and surge capacity — public and private sectors must plan for rapid recovery: backup communications, manual operating procedures, alternate routing, and contingency logistics for energy and water services. NASA/Space Force and commercial providers can coordinate failover strategies for satellite services.

The Trump administration’s approach to cyberwar and critical-infrastructure security (what public reporting shows)

Public reporting and official actions in 2025 indicate a mixed posture. The administration has pursued various regulatory and organizational changes affecting cybersecurity: budget proposals have targeted reductions at some cybersecurity programs, and personnel changes have affected agencies such as CISA — moves that analysts warn could reduce federal incident-response capacity. At the same time, some executive actions and policy papers emphasize efficiency and point to continued interest in hardening federal networks and preserving offensive options. In short: there is evidence of both continued emphasis on cyber tools and policies (including legacy executive orders on federal network protection) and of budgetary/staffing decisions that could weaken coordination and response capacity if not offset by other measures. Axios+2insidegovernmentcontracts.com+2

Those personnel and budget choices matter because adversaries exploit any seams. When CISA’s workforce is reduced, the ability to issue warnings, help utilities patch and purge intruders, and coordinate cross-sector exercises weakens — which in turn raises the risk that long-dwell intrusions like Volt Typhoon or Salt Typhoon can be escalated into disruptive operations. Robust deterrence therefore requires not only offensive readiness but sustained investment in civilian defensive capacity. Axios+1

Policy implications — what to do next

Fund and fortify CISA — preserve and grow civilian defensive capacity; staffing cuts materially weaken national resilience. Axios

Accelerate public-private cyber threat sharing — mandatory reporting, fast-track indicator sharing, and sector-specific playbooks reduce attacker windows. CISA

Integrate space and cyber planning — DoD/Space Force, NASA, and industry must conduct joint exercises that assume simultaneous cyber and space effects on civilian infrastructure. House Armed Services Committee

Strengthen attribution and consequences — rapid, transparent attribution paired with calibrated sanctions and covert options raises adversary costs. Director of National Intelligence

Invest in redundancy and surge recovery — commercial space operators and utilities should be incentivized to build fallback routing, cold spares, and manual operational resilience.

Conclusion

Today is a solemn day to remember, reflect, honor and remind us that we are as vulnerable today than we were 16 years ago. While we are susceptible to some of the same threats, new ones have emerged. This past week we learned Equifax fell victim to the largest security breach to date.   

Lloyds of London recently reported the threat posed by global cyber attacks has spiraled, and that it poses a huge risk over the next decade to business and governments everywhere.

Today an attack could come from anywhere with the push of a button. We are vulnerable and at risk. The WannaCry Attack in May, a few weeks later, cyber-attacks affected governments in the Ukraine with malware attacks shutting down the system.

Just like the worst natural disasters a cyber attack can cause severe damage to businesses and to the economy overall.

As we mark the solemn anniversary of 9/11, I am reminded of bombings years earlier at the World Trade Center that served as test one to those 16 years ago today. The WannaCry attacks and election tampering, infusion of fake news and other attacks on our grid and computers are each a wake-up call.

I am not advocating conspiracy theories or the world coming to an end. I am espousing a commitment to helping companies prepare for a crisis and work to minimize risks and vulnerabilities.

When faced with risks that are out of our control we can still plan. From a technical and operations side, you can make sure:

Your computers are always updated

You are using the most up-to-date software and systems

Backing up critical data

Changing passwords frequently

Not clicking on anything suspicious

You can also plan on:

Knowing the law

Knowing when to engage your stakeholders before problems become issues

Knowing what to say to them and knowing the best media to reach them

Knowing how to recover and protect if not enhance your company's reputation.

Each one of us has a right to privacy. Lately, however, that right has been breached. Our social security or credit card information has been stolen, our emails hacked, and many of our other accounts have been compromised. Threats from abroad to hack into government, universities andheavily shopped retailers, or even shut down the grid, have put us on the brink of cyber-warfare.

Businesses, large and small, need to prepare. With attacks on JP Morgan Chase, Yahoo, Target, the Democratic National Committee, US Department of Justice, Qatar and Michigan State University, it is not a matter of if, it is a matter of when and how often.

While there may be a hodgepodge of laws that deal with cyber-security, cyber attacks or data breaches, there is no one agency in the US government that has oversight, and each state has their own laws prescribing how a company discloses a breach.

As we increase our exposure, companies need to assess their risk. A public relations professional can help the CEO, CIO, HR Team and General Counsel prepare for areas of where they are vulnerable and help them respond quickly in wake of an attack. If attacked, a PR team also can help rebuild any reputational loss as a result of the breach.

This is the new reality. We download hundreds of mobile apps with our fingerprint or link the accounts automatically to our Facebook, LinkedIn or Gmail account. And SPAM or rogue emails from ͞"trusted sources" are as common as ROBO calls close to election day.

Data is being collected all around us. By clicking on disclosures to download apps we are agreeing to give away information from our smart homes, wearable technologies and soon autonomous vehicles.

Recently we learned that the Roomba is secretly mapping our homes.  With each piece of data collected we are becoming more and more vulnerable.

There are steps we can take to protect our information and the information people give to us in trust. If that trust is breached there are also steps you can take to minimize any damage to your reputation.

Know the law and a process in place for communicating a breach in data.

Have a team in place that is prepared and ready to address issues related to privacy, breaches and other reputational risks. This includes: Legal, IT, HR, Marketing and outside firms that includes legal counsel, PR counsel, insurance companies.

Gather the facts. First determine what happened.

Then determine your course of action and the messaging for communicating that.

Focus on complete and full disclosure. Never take a breach lightly. Be vigilant. Don’t hide anything and don’t delay in informing. Today we knowbreaches will occur and our data will be compromised. But let me know it was my information and what you are going to do to protect me.