Cyberthreats have rapidly grown in America over time. According to a 2024 Verizon report, nearly two-thirds of all hacks globally happen in North America (the U.S. and Canada). Foreign agents have increasingly targeted the United States government, businesses, military and civilians, and the number of reported data breaches in the U.S. reached a record high in 2023.
In recent years, a series of high-profile cyber attacks from Russia, China and foreign criminal networks have put America’s vulnerabilities on display and prompted calls for cybersecurity reforms.
In 2020, for example, the “Solar Winds” attack by Russian hackers penetrated multiple parts of the U.S. federal government. And in 2022, a group of Chinese hackers accessed Microsoft’s systems – which power almost all U.S. government agencies – and “struck the espionage equivalent of gold,” accessing emails from the Secretary of State, the Secretary of Commerce and other senior officials. This prompted a hearing this year by the House Committee on Homeland Security.
Foreign hackers are actively targeting the United States today in four main ways:
- Exploiting software monoculture
The Wall Street Journal reported that “hackers have shifted their attention to vendors” who can provide “side doors” into agencies and organizations.
For years, experts have warned about the dangers of a “Microsoft monoculture” within the U.S. federal government, in which nearly all government computers run on one provider’s software. Microsoft products are used across nearly every single federal agency. This creates a data silo, meaning that security failures can result in the theft of information like U.S. intelligence and defense documents, trade secrets and Americans’ personal information. In 2024, the U.S. Cyber Safety Review Board concluded that “a cascade” of such security failures enabled hackers to breach Microsoft systems in the 2022 government cyberattack.
A June survey sponsored by NetChoice and conducted by Morning Consult found that 73 percent of registered voters agree that the U.S. government should reconsider business with companies that are frequently hacked or whose products are hacked regularly.
- Targeting U.S. infrastructure
In February, the FBI warned Congress that foreign hackers are increasingly targeting U.S. infrastructure, like water treatment plans, electrical grids and transportation systems. Recently, a water filtration plant in Texas was infiltrated by foreign hackers, and hackers also targeted a defense contractor that makes flight simulators for the U.S. military.
Earlier this year, President Biden signed an executive order to strengthen the cybersecurity of U.S. ports after a 2023 report by the Department of Transportation Maritime Administration warned that our ports are particularly vulnerable to cyber attacks. The nation’s port system is the main point of entry for trade and generates over $5.4 trillion for the U.S. economy.
In April, Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said foreign agents are operating “with the intent of launching destructive or disruptive attacks in the event of a major conflict.”
- Influencing elections
Intelligence officials have warned that China, Russia, and Iran pose a serious threat to upcoming elections, meaning to create chaos, divide Western alliances, and undermine America’s reputation around the world.
In 2020, Iranian agents attempted to hack into systems used by local governments to publish election results, and sent threatening emails to American voters. A declassified government report identifies multiple instances in which foreign hackers have connected to election infrastructure and copied voter information. And new research from Microsoft warns that groups linked to the Chinese government are already using deepfakes to interfere in foreign elections.
- Proprietary AI Technology
With 18 of the 20 most successful AI companies based in the U.S., hackers linked to nation-states like China are targeting American AI companies to steal their intellectual property.
Early last year, a hacker gained access to the internal messaging systems of OpenAI. In January, General Paul Nakasone, commander of U.S. Cyber Command, said criminals and foreign agents are looking to steal advanced AI technology to “make their attacks more sophisticated.”
America’s Response
Foreign nation-states are ramping up cyber attacks against the U.S. as a result of perceived American weaknesses. China is even turning to private-sector hackers for its espionage and cyber operations.
In response to these threats, the National Security Agency has created the AI Security Center to oversee the integration of AI capabilities within U.S. national security systems. This is a step in the right direction, but the government also needs to address the pervasive software monoculture within federal agencies by investing in a more diverse I.T. ecosystem, which will reduce the risks inherent in relying so heavily on a single vendor. Additionally, as elections approach, preparedness is paramount, both at the federal and local levels.
Americans can protect themselves by ensuring their own devices are protected with antivirus software, encryption, multi-factor authentication and strong passwords. Additionally, households should have basic emergency supplies, such as bottled water, flashlights, and a battery-powered radio, in case of any outages.
Finally, express your cybersecurity concerns to your local representative in Congress. Advocate for diversifying government technology and software providers. Protection from cyber attacks starts with strong security decisions and practices.