The United States is the second most likely country, behind China, to be the victim of malicious cyber activity. The most likely candidate is China. I will speak about the United States before China. The United States is a huge, industrialized country with a strong reliance on the Internet. Because of its reliance on the Internet, the US economy is especially vulnerable to cyber-attacks as a result of its interconnectedness. The Department of Defense (DoD) realizes that using computers and the Internet to wage cyberwar jeopardizes national security and creates a potential attack vector. Cyberwarfare is becoming a more serious threat to physical systems and infrastructures, especially when those systems and infrastructures are connected to the internet. The federal government must make significant changes and investments to protect the major institutions that underpin the American way of life. The Federal Government must employ all its authorities and resources to defend and secure its computer systems, whether cloud-based, on-premises, or hybrid. The scope of protection and security must include both data processing systems (information technology (IT)) and the crucial machinery that ensures our safety (operational technology (OT)).

Next, I will address China. According to the China Internet Development Report, China’s cyberspace security is confronting new problems, ranging from rogue programs to security flaws, prompting the government to implement a series of measures to construct a cyber security governance framework. According to data provided in 2021, China captured 23.07 million samples of rogue programs in the first half of 2021, infecting approximately 4.46 million primary PCs, an increase of 46.8 percent year on year. Also, China’s National Vulnerability Database recorded 13,083 new general security loopholes in the first half of this year. Last year, such loopholes amounted to 20,704, up 27.9 percent on a yearly basis. Both countries suffer from possible loopholes and need to adopt the practice of being proactive and not reactive.