National Cyber Director Harry Coker this week reiterated prior warnings that hackers linked to the People’s Republic of China are actively working to gain access to critical infrastructure in the U.S. to potentially launch malicious attacks. 

Coker, in his first major speech in Washington since he was confirmed in December, said the state-linked threat actors aimed to disrupt — or possibly destroy — the ability to provide critical services as a distraction linked to military activity. 

“In the early stages of an armed conflict, they want to disrupt our military’s ability to mobilize, and to impact the systems that allow us to thrive in our increasingly digital world,” Coker said Wednesday at the Information Technology Industry Council’s Intersect Tech Policy Summit. “Their intentions drive home a point so many of us have known for years: In cyberspace, the private sector and the American people themselves are on the front lines.”

Coker was one of four cybersecurity and law enforcement officials who testified about the threat last week before the House Select Committee on the Chinese Communist Party.

Earlier this week, the FBI and the Cybersecurity and Infrastructure Security Agency, said the state-linked actor Volt Typhoon and other China-affiliated actors have penetrated key critical infrastructure sectors in preparation for disruptive attacks. 

Coker emphasized that the majority of critical infrastructure in the U.S. is owned by the private sector. The U.S. needs collaborative work from the industry to make sure these systems are protected from malicious threats, he said.

“There are plenty of actions we can and will take to address counter-normative behavior,” Coker said. 

Coker told the industry attendees at the summit the administration will need to collaborate with them to counter the threat. 

The Office of the NCD is working on several key initiatives that are part of the Biden administration’s national cybersecurity strategy: 

• Officials are consulting with academic and legal experts to explore a variety of tactics to hold manufacturers accountable when they rush insecure products to market. Officials will be reaching out to industry for additional feedback.
• The office is reaching out to interagency partners in an effort to harmonize a number of wide ranging cyber rules and regulations so companies are not overwhelmed by compliance burdens.
• The administration is working to build a more diverse and robust cybersecurity workforce, as the industry still has about a half million vacant job opportunities and there is a desperate need to attract qualified workers. 

Coker also highlighted an upcoming white paper on efforts to develop the use of memory-safe languages and improve software measurability. 

Memory safety has become a major focus, as many issues related to critical vulnerabilities are due to the use of unsafe coding. 

Exploitation of the CitrixBleed vulnerability in late 2023 was linked to the use of unsafe programming languages.