China and Russia’s Cyber Warfare Dominance: America’s Critical Vulnerabilities and the Deterrence Crisis

Executive Summary

China and Russia have established themselves as substantial forces in the domain of cyber warfare, presenting considerable obstacles to U.S. national security.

These nations possess advanced cyber capabilities enabling a spectrum of operations, ranging from espionage and data breaches to disruptive attacks targeting critical infrastructure.

The rising cyber dominance of these states underscores significant vulnerabilities within the United States, especially in sectors like energy, finance, and healthcare, which are increasingly interconnected but frequently lack adequate defenses.

of deterrence in the cyber realm has become notably intricate.

Unlike traditional military threats, cyber attacks can be executed anonymously, leading to immediate, widespread disruption without the necessity for conventional military confrontations.

Consequently, the U.S. is currently grappling with a deterrence crisis; existing strategies are inadequate to tackle the complexities inherent in cyber conflict.

This reality demands a thorough reevaluation of America's cyber defense approaches, necessitating increased investment in cutting-edge cybersecurity technologies and the cultivation of stronger alliances to effectively counteract the challenges posed by these adversarial nations in cyberspace.

Introduction

The statement that “China and Russia are both winning the cyberwar” accurately reflects a sobering truth corroborated by numerous intelligence evaluations and cybersecurity specialists.

Recent 2025 threat intelligence assessments reveal that both countries have secured significant strategic advantages in cyberspace, taking full advantage of the vulnerabilities embedded in America's digital infrastructure and deterrence posture.

China’s Cyber Supremacy: Unprecedented Scale and Sophistication

China has emerged as the most formidable adversary in cyberspace, with cyber espionage operations undertaken by Chinese state actors increasing by 150% in 2024 alone.

The magnitude of these operations is staggering, with attacks against sectors such as finance, media, manufacturing, and industrial targets escalating up to 300%, indicating Beijing’s systematic approach to cyber warfare.

The People’s Republic of China (PRC) stands as the most active and persistent cyber threat to U.S. government institutions, private enterprises, and critical infrastructure networks. Chinese operations have transcended traditional espionage methodologies.

The Volt Typhoon campaign exemplifies this strategic evolution, signifying a shift toward preemptively establishing access to U.S. critical infrastructure for potential destructive actions during crises or conflicts.

This state-sponsored initiative has successfully penetrated the networks of essential infrastructure organizations within the continental United States and its territories, including Guam, with a focus on the Communications, Energy, Transportation Systems, and Water and Wastewater Systems sectors.

Worryingly, the Salt Typhoon operation, recently acknowledged by China in response to U.S. support for Taiwan, represents a large-scale telecommunications breach impacting nine U.S. telecom firms, compromising the private communications of senior government officials—including calls and texts involving former President Trump and Vice President Vance.

The FBI has categorically labeled these incidents as “the most egregious national security breach in U.S. history by a nation-state hacking group.”

Russia’s Asymmetric Cyber Warfare Strategy

Russia has adeptly integrated cyber operations with military action, leveraging its unique capabilities to enhance the combined impact on U.S. assets during conflict situations.

State and non-state cyber entities in Russia maintain a robust volume of offensive operations against U.S.-affiliated networks, with state-sanctioned operations primarily focusing on cyber espionage rather than direct assaults.

The scope of Russian cyber activities extends beyond conventional military targets. Pro-Russian groups, such as the Cyber Army of Russia Reborn, have conducted numerous low-level cyberattacks on U.S. water and energy infrastructures, jeopardizing national security and public safety by potentially disrupting access to vital utility services.

America’s Critical Vulnerabilities Exposed

Infrastructure Weaknesses

The U.S. confronts alarming cybersecurity failures across its critical infrastructure. Over 20 major U.S. energy firms exhibit vulnerabilities to cyberattacks, with more than 5,750 weaknesses identified within these networks—two-thirds of which are classified as high-severity or critical-severity.

The issue transcends the energy sector; many critical infrastructure operators expose Operational Technology (OT) systems to the public internet or engage contractors and third-party software without adequate vetting processes. This oversight creates extensive attack surfaces that adversaries readily exploit.

Deterrence Strategy Failures in Cybersecurity

The effectiveness of America’s cyber deterrence strategy is fundamentally in question. Analysts assert that the United States has inadequately recognized the distinctive aspects of cyberspace as a strategic domain, opting instead to impose a nuclear deterrence paradigm.

This misalignment has fostered a “Doctrine of Restraint,” which has ultimately backfired; while the U.S. anticipated a robust deterrent effect, adversaries have adopted differing strategic paradigms altogether.

The evidence is compelling: while traditional deterrence has continued to avert nuclear and conventional conflicts involving the United States and its allies, its efficacy diminishes markedly when addressing other cyber-related threats.

The U.S. has struggled to deter notable aggressions, including Chinese territorial expansion in the South China Sea, technological espionage from China, electoral interference by Russia, and Iran’s ongoing low-intensity cyber hostilities.

Organizational and Resource Constraints

The United States’ cyber defense capabilities are facing significant encumbrances.

For example, the Cybersecurity and Infrastructure Security Agency (CISA) has experienced a drastic reduction in workforce—losing one-third of its personnel due to budgetary constraints—while its operational authorities remain severely limited, lacking the stature of law enforcement, military, or intelligence entities.

Consequently, CISA primarily functions as a threat-sharing hub without robust operational capacity.

Compounding these challenges, previous budget proposals from the Trump administration sought to cut funding and devolve cybersecurity responsibilities to state governments, jeopardizing the nation’s capacity to counter digital threats effectively.

Such measures leave critical infrastructure entities—particularly smaller organizations—vulnerable and unsupported.

The Survival Question: Is America Prepared?

Immediate Threats to National Security

The threats currently posed are both persistent and active. Notably, Chinese hackers maintain unauthorized access to U.S. telecommunications systems, with officials privately expressing concerns about foreign entities having unrestricted entry to sensitive voice messages and calls.

The Volt Typhoon group exemplifies this, having sustained access to certain IT environments for five or more years.

Economic and Societal Impact

The economic consequences of cybercrime are staggering, with damage projections anticipated to exceed $6 trillion annually by 2021.

Furthermore, as critical infrastructure systems become increasingly interconnected, the risk of cyber incidents with severe kinetic and non-kinetic ramifications escalates, bringing the specter of a "cyber 9/11" closer to reality.

This risk is exacerbated by rapid technological innovation, hyper-connectivity, and burgeoning digital dependencies, all of which often outstrip existing cybersecurity measures.

Strategic Implications

The strategic landscape is unambiguous: both China and Russia have gained significant advantages in cyberspace, accompanied by a troubling shift in the global balance of power.

China’s expansive whole-of-government model, bolstering private sector capabilities under state guidance, aims to establish itself as a preeminent global science and technology superpower, seeking supremacy over the United States in critical technology sectors, including advanced power systems, artificial intelligence, biotechnology, quantum information science, and semiconductor manufacturing.

America’s Path Forward: Beyond Traditional Deterrence

The Persistence Strategy

Recognition of deterrence failures has catalyzed the emergence of “Cyber Persistence Theory” and the “Defend Forward” strategy.

These frameworks advocate for proactive operational engagements, focusing on identifying vulnerabilities, mitigating risks, and precluding adversarial exploitation.

Countries such as the United Kingdom, the Netherlands, Japan, South Korea, and Canada are adopting analogous approaches, underlining a collective pivot in global cybersecurity strategies.

Critical Requirements

For America to navigate the current cyber landscape effectively, immediate action across several dimensions is essential:

Infrastructure Hardening

Comprehensive cybersecurity legislation must be enacted, alongside the establishment of centralized organizations tasked with rapidly addressing cybersecurity flaws.

Basic foundational measures—ensuring universal firewall implementation and timely software patching—could mitigate approximately 90% of risks.

Capability Development

There’s a critical need for the development of AI-driven security solutions and real-time threat detection mechanisms.

Despite 66% of organizations acknowledging that AI presents the most transformative potential in cybersecurity, only 37% have put safeguards in place to evaluate these tools pre-implementation.

Resource Allocation

The prevailing strategy of attempting to achieve more with fewer resources is a precarious approach that jeopardizes the nation’s preparedness against sophisticated threats like Salt Typhoon.

Conclusion

A Nation at a Crossroads

The data and trends are unequivocal: adversaries such as China and Russia are systematically exploiting American vulnerabilities, succeeding where U.S. deterrence strategies have faltered.

The question surrounding America’s national survival amidst these escalating threats is not hyperbolic—it encapsulates a genuine crisis in national security, as critical infrastructure remains perilously exposed and cyber defense capabilities are being incrementally dismantled.

The current state leaves America exceptionally vulnerable in cyberspace, with adversaries already embedded in vital systems, poised to exploit any weaknesses.
