McCrary Institute releases paper to help Americans understand the cyber threat coming from China
Published: Oct 29, 2025 8:00 AM
By Victoria Dillon
As the world turns its attention to the U.S.-China relationship this week, the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University released a paper on Wednesday, Oct. 29, raising the alarm on the sophisticated cyber threat posed by the People’s Republic of China (PRC).
Titled, "Code Red: A Guide to Understanding China’s Sophisticated Typhoon Cyber Campaigns," the paper helps succinctly explain recent cyber campaigns carried out against the U.S. and lays out the implications of the sustained, coordinated assault by the PRC to our national security, economic security and public health and safety.
As the paper points out, when these campaigns, Volt Typhoon, Salt Typhoon and Flax Typhoon, are taken together, they “represent a new phase of long-term, covert access to infrastructure systems that could be exploited at Beijing’s will.”
“Nearly every day brings a new headline about China’s cyber threats — so many that if you blink, you might miss one,” said McCrary Institute Director Frank Cilluffo. “These campaigns reflect a deliberate strategy by the Chinese Communist Party to gain advantage across military, economic, and diplomatic fronts — not only to steal secrets, but to hold critical infrastructure at risk. The federal government must act with greater urgency to deter these operations, and critical infrastructure and state and local leaders must better understand their scope and intent. This paper seeks to define, in plain terms, the scale of the threat and aims to spark the discussion and action needed to protect our nation.”
This paper represents countless hours of work by the McCrary Institute Task Force on the PRC to centralize and distill key information about these threats so that relevant stakeholders and the public can better understand them and take action.
The task force is chaired by McCrary Institute Director Frank Cilluffo; William Evanina, CEO of The Evanina Group, LLC and former director of the National Counterintelligence Center; Brad Mediary, executive vice president and national cyber platform lead at Booz Allen Hamilton; and RADM (Ret.) Mark Montgomery, senior director of the Center on Cyber and Technology Innovation and executive director and vice commissioner of the Cyberspace Solarium Commission.
“The Chinese Typhoon campaign targeting the U.S. signifies a serious and alarming escalation in nation-state cyber activity,” Evanina said. “These campaigns have infiltrated various critical infrastructure sectors, aiming to steal data and exploit communications. Moreover, they seek to inflict damage and destruction with the intent to harm American citizens and create chaos within society. Warning lights are now blinking beyond red.”
“The PRC’s cyber operations keep reaching into our critical infrastructure, government, and boardrooms, said Mediary. “As this report shows, defending against this threat is a team sport. Together, we must proactively collaborate and innovate to get and stay ahead of our nation’s adversaries to secure America's future.”
“Chinese malicious cyber activity - across all of their Typhoon teams - is exposing our critical infrastructures to future disruption or destruction,” said Montgomery. “We need to counter this CCP ‘operational preparation of the battlefield’ by investing in more resilient and redundant networks to protect our key national security infrastructures.”
The McCrary Institute Task Force on the PRC is one of four standing task forces providing insights and recommendations to policy leaders in Washington as well as advice and research to leaders across critical infrastructure.
* Watch a video of McCrary's Task Force co-chairs briefly explaining each Typhoon campaign and sharing why Americans should be worried and why government and industry need to take urgent action: https://youtu.be/iTC-YCbILrI
* Listen to a special edition of the Cyber Focus podcast with commentary from Task Force chairs: https://mccraryinstitute.com/podcast/cyber-focus/97/code-red-breaking-down-chinas-cyber/
Media Contact: , victoria.dillon@auburn.edu, 716.868.9290
The paper helps explain recent cyber campaigns carried out against the U.S. and lays out the implications of the sustained, coordinated assault to national security, economic security and public health and safety.