December 22, 2025

America’s Cyber Retreat Is Undermining Indo-Pacific Security

By: Morgan Peirce

This article was originally published in Just Security.

On Dec. 3, the White House backed away from sanctioning China’s spy agency, the Ministry of State Security (MSS), that carried out one of the most extensive hacking campaigns in U.S. history against critical infrastructure. The administration reportedly halted these sanctions to preserve a trade truce that U.S. President Donald Trump and Chinese General Secretary Xi Jinping struck at the Busan summit in October.

This sends the wrong message to Beijing, as well as to U.S. allies in the Indo-Pacific caught in China’s cyber crosshairs. Trump’s new National Security Strategy (NSS) explicitly calls for burden-sharing, arguing that allies must “assume primary responsibility for their regions,” while the United States serves as a “convener and supporter” in regional defense. Backing away from sanctions after a major China-linked hacking campaign undercuts that logic: burden-sharing collapses if the United States is not willing to bear economic or political costs itself. If the world’s largest economy will not confront China’s cyber operations, how can it credibly ask Indo-Pacific allies — who have far less leverage over Beijing — to step up?

Without a new framework to counter China-backed cyber operations in the region, Beijing and other state-backed cyber groups will continue escalating their cyber operations to spy, steal, and sabotage with near impunity.

There is still time to recalibrate. To counter Beijing’s cyberattacks and operationalize burden-sharing, the United States must use its unique leverage to impose costs on China while enabling Indo-Pacific allies to lead cyber defense in the region.

The U.S. intelligence community identifies China as the most persistent and active cyber threat to U.S. networks. In 2024, the Chinese state-sponsored hacking group Salt Typhoon carried out one of the most severe breaches of U.S. telecommunications companies. Just weeks before Trump met with Xi in October, the United States uncovered another major China state-backed cyber intrusion of the cybersecurity vendor F5, triggering an emergency directive from the lead U.S cyber agency. Yet, the cyber threat to Washington extends far beyond the homeland. China’s cyber operations have already infiltrated networks supporting U.S. forward deployed forces across the Indo-Pacific, targeted export controls on critical technologies, and spread disinformation campaigns designed to erode trust in U.S. alliances.

Read the full article on Just Security.

More from CNAS

View All Reports View All Articles & Multimedia