In 2024, the US Cyber Command’s National Mission Force significantly expanded its operations due to escalating cyber threats, particularly from Chinese hackers targeting critical infrastructure. This increase in activity was highlighted by a senior U.S. Cyber Command official who noted the heightened potential for conflict with the United States. The Cyber National Mission Force was deployed over 85 times in the past year, conducting missions across more than 80 networks. According to Morgan Adamski, executive director of the U.S. Cyber Command, this expansion is a critical evolution from its original 2014 mission to protect domestic infrastructure as cyberattacks on Department of Defense networks have intensified.

At the Cyberwarcon security conference in Virginia, Adamski emphasized that cyberspace is a critical warfighting domain. She pointed out the staggering number of attacks the Department of Defense’s networks face daily, with an estimated 194 million malicious digital attacks and 798 million cybersecurity events. The Cyber National Mission Force has taken on various roles, including supporting election security and resilience-building operations globally. Their efforts have also extended to partner nations, where they assist in identifying malicious cyber activities on government networks.

The force’s operational tempo saw a marked increase in 2024, with more missions conducted than in previous years. Before this, the force had been deployed just 55 times since 2018. This uptick in activity is a response to growing threats from adversaries like China. Federal agencies have issued warnings about China’s extensive cyberespionage activities targeting U.S. government officials, revealing that Beijing-linked threat actors have compromised telecommunications networks to steal sensitive information.

Security researchers at Cyberwarcon discussed how both Chinese and North Korean hackers have honed their tactics over the past decade. These groups have targeted Western defense systems and stolen billions in cryptocurrency. Microsoft analysts highlighted North Korea’s advanced phishing and supply chain attacks on aerospace and defense firms, while Chinese state threat actors have persistently targeted the U.S. defense industrial base for intelligence gathering.

Adamski reported that Cyber Command and federal cyber authorities have coordinated global efforts to disrupt Chinese cyber operations, focusing on degrading the People’s Republic of China’s capabilities. Cybersecurity experts are urging federal departments to enhance their responses to sophisticated espionage campaigns from China. They advocate for improved public-private collaboration in threat hunting and dismantling threat actor infrastructure to counter the growing cyber threat landscape.