Closing the Gaps in the Strengthening Cyber Resilience Act
Chinese-backed hacking groups are systematically targeting America's most critical systems, including its power grids, water supplies, telecommunications networks, and transportation hubs. The scale and sophistication of these attacks—from groups like Volt Typhoon and Salt Typhoon—represent an unprecedented threat to both national security and public safety. The Strengthening Cyber Resilience Against State-Sponsored Threats Act, which passed the House in December 2024 and was reintroduced this April, offers a much-needed federal strategy to strengthen U.S. cyber defenses. However, while the bill takes important steps to counter Chinese cyber aggression, it falls short by ignoring equally dangerous threats from other state actors who are also actively targeting American infrastructure.
The bill gets several key things right, particularly in how it addresses long-standing gaps in the federal government’s cybersecurity posture. Its core provision is the creation of a Joint Task Force designed to unify federal efforts against state-sponsored cyber threats. Led by the Cybersecurity and Infrastructure Security Agency (CISA), the task force will include representatives from the FBI, Sector Risk Management Agencies (such as Department of Energy for the energy sector, or the Department of Health and Human Services for the healthcare sector), and the Department of Justice, specifically the Office of the Attorney General. The task force would promote much-needed interagency coordination, essential for responding to increasingly complex and cross-sector cyber threats.
The task force’s key responsibilities include conducting threat intelligence analysis focused on tactics, techniques, and procedures used by Chinese-sponsored actors; conducting digital forensics and research into persistent threat campaigns, including Volt Typhoon’s infiltration of critical systems; delivering annual briefings to Congress to ensure ongoing legislative oversight and alignment with national security priorities; and coordinating with existing mandates under National Security Memorandum–22, which outlines U.S. cybersecurity principles for critical infrastructure. Together, these provisions represent a serious and structured federal effort to confront the growing scale and sophistication of foreign cyber aggression, particularly from the Chinese government.
Despite its strengths, the bill’s singular focus on China overlooks the broader ecosystem of hostile state-sponsored cyber actors that continue to pose serious threats to U.S. critical infrastructure. Russia, Iran, and North Korea have all demonstrated advanced cyber capabilities and the intent to target U.S. institutions, businesses, and public services.
For example, Russia’s Sandworm group has been linked to attacks on energy grids, while North Korean groups have targeted financial institutions for cyber theft and espionage. Moreover, Russia and China maintain a close strategic relationship, having conducted over 100 joint military exercises in recent years. When considering the cyber threats from China, the U.S. government should also account for the capabilities of its allies. A truly resilient cyber strategy should account for the full range of threats, not just from China but from all states capable of conducting sophisticated cyber campaigns.
Congress should broaden the bill’s priorities to reflect the full scope of state-sponsored cyber threats facing the United States today. Expanding the task force’s mandate to include cyber operations and capabilities from all hostile state-sponsored actors would help ensure it remains responsive to the full range of nation-state threats, not just those posed by China. Excluding other actors creates critical blind spots in national cybersecurity planning and weakens the Task Force’s ability to anticipate and mitigate threats.
The Strengthening Cyber Resilience Against State-Sponsored Threats Act is a timely and necessary response to the growing threat posed by state-sponsored cyber actors, particularly from China. By creating a joint task force, prioritizing the protection of critical infrastructure, and mandating congressional oversight, the bill lays a solid foundation for a more coordinated and proactive national cyber defense strategy. However, to fully meet the moment, the legislation should expand its focus beyond China to address the broader landscape of global cyber threats, including those from Russia, Iran, and North Korea. To ensure its long-term effectiveness, the bill should reflect the complexity and diversity of the modern cyber threat environment, which extends far beyond any single adversary. This bill is a critical step in the right direction, but Congress should further refine it to truly future-proof the nation’s cybersecurity posture.
