Countering China's "Typhoon" Threats Targeting US Critical Infrastructure
Marc Raimondi, Brett Leatherman, Wendi Whitmore, Tim Maurer, John Carlin
RSA Conference 2025 · Day 1 · Policy
A high-profile panel featuring FBI, Microsoft, Palo Alto Networks, and former senior Justice Department officials gathered at RSA Conference 2025 to deliver an unambiguous assessment of the China Typhoon threat: PRC-affiliated actors have shifted from intellectual property theft to pre-positioning inside U.S. critical infrastructure in preparation for potential kinetic conflict. The response requires a restructured public-private collaboration model, updated legal incentive frameworks, and a fundamental reconceptualization of what it means to be a victim of nation-state cyber intrusion. Attribution, disruption, and information sharing are the three levers available — and all three need to be deployed simultaneously. ---
AI review
The most operationally significant panel of RSA 2025. Not because the threat is news — it isn't — but because FBI, Microsoft, Palo Alto, and John Carlin together provide a level of attribution specificity, operational context, and legal framework guidance that you simply do not get from open-source reporting. Carlin's SEC four-day vs. ninety-day disclosure window mechanics alone justifies the time investment for any GC or CISO at a publicly traded company in critical infrastructure sectors.