Drawing on recent cyber intrusions into U.S. critical infrastructure, Rob Joyce, former Acting Homeland Security Adviser on the U.S. National Security Council and retired NSA Director of Cybersecurity, argues that the People’s Republic of China’s campaigns—such as Volt Typhoon and Salt Typhoon—are not routine espionage, but deliberate preparations for conflict. These operations reflect a coordinated effort to pre-position access across vital systems, enabling the potential disruption of military logistics and civilian infrastructure in the early stages of a crisis. The article contends that U.S. deterrence has failed not for lack of capability, but for lack of resolve and strategic coherence. Cyber operations exploit a critical asymmetry: their effects are often invisible, deniable, and insufficient to trigger decisive political action. As a result, adversaries have been able to operate below the threshold of response while steadily expanding their foothold. The temporary decline in activity following the 2015 U.S.–China cyber agreement demonstrates that deterrence is achievable—but only when costs are imposed visibly and across domains, particularly through economic and diplomatic leverage. The piece concludes by calling for a whole-of-government approach that treats cyber intrusions into critical infrastructure as intolerable national security threats. It emphasizes the need for visible, coordinated responses—led at the presidential level—to restore credible deterrence and prevent adversaries from exploiting persistent access within U.S. systems.
READ THE FULL ARTICLE HERE
doi.org/10.55682/cdr/y0f7-s7pf
The Cyber Defense Review
Volume 11, Issue 2