The U.S. should stay vigilant about the ongoing digital threat posed by China even though events in the Middle East have drawn attention to potential cyberattacks by Iran, according to a senior FBI official.

Beijing’s malicious cyber activity “unfolds in silence. You don’t see a fireball on the news. But the strategic damage — damage to us — is real and it continues to accumulate over time,” Brett Leatherman, the newly appointed head of the FBI’s Cyber Division, said Monday during a phone interview.

“There's strategic risk here, when it comes to [China], with being complacent. My thought is, when cyber intrusions stay invisible, urgency fades,” he told Recorded Future News. “That's the exact environment that [China] is counting on. We’ve got to continue to be in a position to alert the public that this is ongoing activity. We don’t need to panic. We just need clarity because the threat's real, it’s persistent, it’s strategic.”

Leatherman’s warning about China comes amid rising concerns that Iran could unleash a digital assault on the U.S. for bombing the country’s nuclear facilities. While there have been no confirmed cyberattacks yet, federal law enforcement and intelligence officials are on high alert for such retaliation from Tehran, a longtime adversary in the digital domain, (The Record, 2025).”

Security Officer Comments:
Leatherman, from the US bureau, had a meeting with Israeli officials and European partners to discuss potential cyber threats by Iran or state-supported actors. He stated that his organization is working together with other agencies (Counterintelligence and Counterterrorism divisions) to protect the country. However, he also highlighted China as a major threat, citing their ongoing intrusions into US critical infrastructure operators' networks. The bureau had previously called for information on these campaigns, which led to some leads being pursued. Leatherman hopes that future calls will yield more results and potentially lead to public sharing of tips.

Suggested Corrections:
As the global cybersecurity landscape continues to be shaped by escalating geopolitical tensions, it has become increasingly challenging for companies to prioritize their defenses. However, with threats like Salt Typhoon and other sophisticated groups on the rise, it is more crucial than ever that organizations remain vigilant and proactive in protecting themselves.

To effectively defend against these evolving threats, companies should continue to study attacks related to groups like Salt Typhoon, analyzing tactics, techniques, and procedures (TTPs) used by attackers. By doing so, they can identify vulnerabilities and develop targeted defenses that address the specific risks posed by these types of threats.

Link(s):
https://therecord.media/china-typhoon-groups-espionage-fbi-cyber-brett-leatherman