{"id":431565,"date":"2026-01-26T22:18:11","date_gmt":"2026-01-26T22:18:11","guid":{"rendered":"https:\/\/www.newsbeep.com\/us\/431565\/"},"modified":"2026-01-26T22:18:11","modified_gmt":"2026-01-26T22:18:11","slug":"the-trump-administrations-cyber-strategy-fundamentally-misunderstands-chinas-threat","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/us\/431565\/","title":{"rendered":"The Trump Administration\u2019s Cyber Strategy Fundamentally Misunderstands China\u2019s Threat"},"content":{"rendered":"

Against a steady drumbeat of ransomware attacks, data breaches, and sophisticated intrusions, President Donald Trump\u2019s administration is preparing<\/a> to release a new national cybersecurity strategy this month centered on offensive cyber operations. Senior officials have repeatedly<\/a> emphasized<\/a> hitting back at the hackers and nation-states who have compromised U.S. networks with seeming impunity. If early signals are any indication, the strategy will treat offense as the primary solution to the United States\u2019 cybersecurity challenges.<\/p>\n

Meanwhile, the administration has weakened the foundations of U.S. cyber defenses. The Cybersecurity and Infrastructure Security Agency<\/a> (CISA) has seen its budget reduced and staffing slashed, and the agency still lacks a Senate-confirmed director. Similar cuts<\/a> have affected cyber defense offices across federal agencies, and the administration is rolling back cybersecurity requirements for critical infrastructure operators.<\/p>\n

This combination\u2014more offense, less defense\u2014reflects a seductive logic: why play defense when you can take the fight to the enemy? But against China, now the most active and persistent cyber threat to U.S. networks, an offense-first strategy is a dangerous miscalculation. Cyber operations cannot stop or even substantially diminish Beijing\u2019s campaigns. Doubling down on offense while neglecting defense will leave the United States more vulnerable, not less.<\/p>\n

The allure of cyber offense<\/p>\n

Since 2018, the Pentagon has pursued<\/a> [PDF] an increasingly proactive approach to cyberspace competition under the doctrine of \u201cpersistent engagement.\u201d Instead of waiting for attacks to reach U.S. networks, U.S. Cyber Command would disrupt malicious activity at its source\u2014dismantling adversary infrastructure, degrading their tools, and frustrating operations before execution. Disrupt enough infrastructure, burn enough access, keep attackers perpetually off balance, and eventually you neutralize the threat.<\/p>\n

Successive administrations have empowered Cyber Command with expanded authorities, streamlined approvals, and increased resources to do exactly this. This paradigm has produced genuine successes. Cyber Command has dismantled<\/a> ISIS\u2019s online propaganda infrastructure, countered<\/a> Russian election interference, and disrupted<\/a> ransomware groups.<\/p>\n

For policymakers, cyber operations offer an attractive alternative to harder choices: they appear to punish adversaries without requiring difficult legislative battles over cybersecurity regulations, expensive infrastructure investments, or escalation beyond cyberspace. But what works against terrorist propagandists and criminal networks will not work against China.<\/p>\n

China\u2019s cyber apparatus operates<\/a> at unprecedented scale. Under President Xi Jinping, Beijing has modernized<\/a> [PDF] its military and intelligence cyber units while building a vast support ecosystem of private contractors, universities, and technology firms that provide infrastructure, capabilities, and operational assistance.<\/p>\n

Cyber operations serve Beijing\u2019s core national interests. Cyber-enabled espionage advances technological self-sufficiency by acquiring intellectual property. Surveillance and influence campaigns support political control at home and abroad. And critically, China is pre-positioning for crisis and conflict\u2014establishing persistent access to critical infrastructure and military networks that could constrain U.S. decision-making in a future confrontation.<\/p>\n

Recent campaigns by Chinese state-sponsored actors, including Salt Typhoon<\/a>\u2019s penetration of global telecommunications networks and Volt Typhoon<\/a>\u2019s infiltration of U.S. infrastructure, underscore that China is now a peer competitor in cyberspace. Beijing\u2019s operators are ever-present, able to exploit the smallest vulnerability to achieve broad network access, and highly resilient to disruption. Aging, poorly defended U.S. networks are filled with vulnerabilities that China\u2019s sprawling cyber apparatus is purpose-built to find and exploit. Faced with a threat of this magnitude, the instinct to match China\u2019s offensive capabilities and take the fight to the adversary is understandable\u2014but it will not work.<\/p>\n

Disruption won\u2019t stop them<\/p>\n

The theory behind persistent engagement is that continuous offensive operations will cumulatively degrade adversary capabilities. But against China, this logic breaks down.<\/p>\n

Start with the target. Every cyber operation depends on network access\u2014penetrating adversary systems, establishing presence at a useful location, and maintaining that foothold long enough to develop and deliver tailored effects. Against China, access is scarce. Beijing has invested in layered defenses: the Great Firewall filters cross-border traffic and blocks suspicious activity, strict laws mandate security controls for network operators, and indigenized technology supply chains reduce foreign penetration opportunities. There are no system-agnostic \u201ccyber missiles\u201d; each operation requires painstaking intelligence collection and capability development against specific targets. Scaling up operations against China will be far easier said than done.<\/p>\n

Then consider China\u2019s resilience. China\u2019s distributed ecosystem can reconstitute faster than U.S. operators can disrupt it. Dismantle one threat group\u2019s infrastructure, and operations simply shift to another provider. Expose one contractor, and dozens more remain. The result is an endless cycle of temporary takedowns that consumes finite resources while leaving the underlying threat unchanged.<\/p>\n

The administration will likely tout artificial intelligence (AI) and expanded<\/a> private sector involvement as force multipliers that can overcome these constraints. Neither is a silver bullet. AI tools show promise for vulnerability discovery but cut both ways\u2014they also augment defenders, and China is investing heavily in the same technologies. Private firms already contribute through vulnerability research and intelligence support, but deeper involvement introduces coordination challenges without altering the structural dynamics that limit what offense can achieve.<\/p>\n

Deterrence won\u2019t change behavior<\/p>\n

If disruption cannot degrade China\u2019s capabilities, perhaps offensive operations can deter Beijing from malicious activity by threatening retaliation? This is the logic behind the rhetoric about \u201cimposing costs\u201d and \u201cdemonstrating resolve.\u201d But deterrence faces even worse odds.<\/p>\n

China uses cyber operations to advance interests it considers non-negotiable. Espionage enables technological self-sufficiency. Pre-positioning prepares for wartime contingencies. Beijing will not abandon these activities because the stakes are too high\u2014they are integral to China\u2019s vision of national rejuvenation and its strategy for competing with the United States.<\/p>\n

Even setting that aside, the United States has laid none of the groundwork that deterrence requires. Washington has attempted to draw red lines\u2014around intellectual property theft<\/a> in 2015, and more recently around pre-positioning<\/a> on civilian critical infrastructure\u2014but neither boundary has held. The reason is simple: changing Chinese behavior would require consequences beyond cyberspace, such as economic sanctions, export controls, or restrictions on market access.<\/p>\n

Yet there is little evidence U.S. leaders are willing to escalate across domains in response to cyber intrusions. Indictments and sanctions against front companies signal disapproval but impose no meaningful cost. The reality is that both policymakers and the public broadly tolerate ongoing cyber competition, rhetoric notwithstanding. Beijing knows this. Cyber-on-cyber deterrence is an illusion.<\/p>\n

The Cost to military readiness<\/p>\n

Even if one believes disruption is worth attempting despite the long odds\u2014better to try than cede the field\u2014an offense-first strategy imposes costs that rarely enter the policy debate. Overemphasizing peacetime disruption campaigns diverts resources and attention from preparing cyber forces for their role in high-intensity conflict.<\/p>\n

Cyber effects are becoming a fixture of modern military operations\u2014but not as standalone, decisive capabilities. In Ukraine<\/a>, they have proven most valuable when synchronized with kinetic strikes, electronic warfare, and intelligence operations. In the recent U.S. operation<\/a> to capture Venezuelan leader Nicol\u00e1s Maduro, Cyber Command reportedly helped \u201ccreate a pathway\u201d for special forces by layering effects with other capabilities\u2014including, according to Trump, blacking out much of the capital, Caracas. These cases point in the same direction: cyber functions best as an enabler of conventional operations, not a substitute for them.<\/p>\n

Achieving this integration, however, requires specialized preparation\u2014planning processes, joint exercises, and capabilities tailored to military targets. Years of emphasis on standalone disruption campaigns have not built these muscles. Cyber Command has struggled to generate enough trained forces even for its current mission set, fueling debate<\/a> about whether a separate cyber service is needed. Piling on peacetime operational demands diverts attention from the harder work of preparing for high-end conflict.<\/p>\n

Beijing, meanwhile, is preparing for exactly this kind of fight. The People\u2019s Liberation Army (PLA) has developed a doctrine<\/a> [PDF] to integrate cyber effects with kinetic operations from the outset of a conflict. Its pre-positioning campaigns are preparation for wartime missions aimed at disrupting U.S. command and control and delaying force deployment.<\/p>\n

If offense cannot solve the China problem, what can? Simply put: defense.<\/p>\n

American prosperity depends on digitally interconnected systems, and Chinese cyber campaigns will continue regardless of U.S. offensive operations. The goal must be to prevent them from causing systemic harm. The United States\u2019 endemic cyber vulnerabilities represent a market failure that government action is required to fix. The Trump administration is unlikely to pursue new cybersecurity regulations, but they remain the right answer. Minimum requirements for critical infrastructure, harmonized across sectors, would benefit everyone. The United States should also leverage its structural advantages\u2014including leading technology companies, influence over internet governance, capacity to shape global standards\u2014to embed security across the digital ecosystem.<\/p>\n

The Department of Defense, meanwhile, should ensure its cyber forces are prepared for high-intensity conflict with a peer adversary. This means hardening critical command and control systems, weapons platforms, and logistics networks against adversary disruption. It means integrating cyber effects with joint operations through embedded planners, realistic exercises, and doctrine that treats cyber as an organic capability rather than a standalone tool.<\/p>\n

Most importantly, the United States must demonstrate to PLA planners that cyber operations cannot achieve their objectives. If China believes pre-positioned access could paralyze U.S. power projection or undermine U.S. political will during a Taiwan crisis<\/a>, it could calculate that a fait accompli is achievable. Denying China that confidence could do more to prevent conflict than any offensive campaign.<\/p>\n

None of this means abandoning offensive cyber operations entirely. They retain utility against ransomware groups, for protecting time-bound events like elections, and for supporting intelligence collection. But they cannot compel China to stop activities Beijing considers essential to national security.<\/p>\n

U.S. policymakers face a choice: invest in defenses that limit damage from intrusions or accept persistent compromise as the price of digital interdependence. There is no third option where offense solves the problem. The forthcoming national cybersecurity strategy promises exactly that nonexistent option. It will fail\u2014and the United States will be less secure because of it.<\/p>\n

This work\u00a0represents\u00a0the views and opinions solely of the author. The Council on Foreign Relations is an independent, nonpartisan membership organization, think tank, and publisher, and takes no institutional positions on matters of policy.<\/p>\n","protected":false},"excerpt":{"rendered":"Against a steady drumbeat of ransomware attacks, data breaches, and sophisticated intrusions, President Donald Trump\u2019s administration is preparing…\n","protected":false},"author":2,"featured_media":431566,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[23,3,21,19,22,20,25,24],"class_list":{"0":"post-431565","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-united-states","8":"tag-america","9":"tag-news","10":"tag-united-states","11":"tag-united-states-of-america","12":"tag-unitedstates","13":"tag-unitedstatesofamerica","14":"tag-us","15":"tag-usa"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/431565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/comments?post=431565"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/431565\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media\/431566"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media?parent=431565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/categories?post=431565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/tags?post=431565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}