The US government came to this year's RSA cybersecurity show with a key message: Be on guard against China.
On Tuesday, officials at the FBI, the NSA and the Department of Homeland Security spoke at the show, and specifically called out China as a major hacking threat that needs to be on the radar of every US business.
"I would argue for too long that this country (the US) has actually been under-focused on the counterintelligence threat … that China poses," FBI director Christopher Wray said during his talk at RSA.
According to Wray, the US has long been "underfocused" on the Chinese hacking threat, which has sought to steal sensitive intellectual property from US companies. "We have economic espionage investigations in basically all 56 field offices, almost all of which lead back to China. It covers every sector of the economy. It covers academia," he added.
Sure, Russia may be getting most of the headlines for hacking crimes, but China may end up becoming the larger problem, according to NSA cybersecurity senior advisor Rob Joyce. That's because the country is focused on building up its capabilities to surpass the US, whereas the Kremlin has focused more on sowing chaos.
"You can kind of look at Russia like it's a hurricane: It's fast and hard. And China is like climate change: Long, slow and pervasive," Joyce said during a separate talk with journalists at RSA.
Of course, the warnings are nothing new. IT security firms have been accusing Chinese state-sponsored cyberspies of breaking into US businesses for years. But at RSA, US officials didn't just call out China for its hacking capabilities; they also expressed worries over the country's influence over the technology supply chain.
It's why the US has been attempting to ban 5G technology sales from the Chinese vendor Huawei. US officials fear the same technology could pave the way for the Chinese government to secretly spy on Americans by coercing Huawei to backdoor the 5G networks.
In the company's defense, Huawei has said no one has supplied actual evidence of it ever spying on its customers for the Chinese government. But according to Joyce, it doesn't matter; the issue has to do with trust, especially when it comes to a powerful technology like 5G. The new wireless networks will be rolled out across entire countries including the US, making them especially difficult to protect.
(DHS official Christopher Krebs on the left, NSA official Rob Joyce on the right.)
"It is really hard with something of that size and magnitude to lock it down to where it can't be exploited," Joyce said, later adding: "It really isn't about show me the smoking gun intelligence of how they are going to steal my information. It's can I trust it? And what are we going to rely on that for? "
The Department of Homeland Security has already made securing the technology supply chain from Chinese tampering a top priority, according to DHS cybersecurity director Christopher Krebs. In addition, the agency plans on issuing industry guidance around managing risks with 5G networks.
"The good news is, particularly at the executive level, everybody is much more keenly aware of the threat environment, particularly posed by China, than ever before," he told journalists at RSA.
"(However) from a supply chain perspective, we all recognize we have a lot more work to do. We are just scratching the surface on understanding what's connected," Krebs added.