Pentagon Deploys AI to Probe China's Infrastructure

This initiative is part of a broader U.S. strategy of "persistent engagement" in cyberspace, aiming to proactively disrupt malicious cyber activities at their source rather than waiting for attacks on U.S. networks. This offensive-first approach is designed to keep adversaries off balance, a doctrine that has seen U.S. Cyber Command actively dismantling infrastructure and degrading the tools of foreign actors. The Pentagon's fiscal year 2026 budget request includes $13.4 billion for AI and autonomous systems, a significant increase that establishes these technologies as a standalone budget line for the first time. The effort to leverage AI for intelligence and targeting is not new; it builds on programs like Project Maven, which began in 2017 to use AI for analyzing drone surveillance footage. Palantir Technologies holds a significant $480 million contract to expand the Maven Smart System to thousands of users across U.S. combatant commands. More recently, the Pentagon's Chief Digital and AI Office (CDAO) awarded contracts worth up to $200 million each to major AI firms including OpenAI, Anthropic, Google, and xAI to accelerate the adoption of advanced AI capabilities. This strategy is a direct response to China's own sophisticated cyber operations. A Chinese state-sponsored group, identified by Microsoft as "Volt Typhoon," has been actively targeting U.S. critical infrastructure, including communications, energy, and water sectors, since at least 2021. The group employs "living-off-the-land" techniques, using built-in network tools to evade detection, with the goal of pre-positioning itself for disruptive activities in the event of a future crisis. For businesses, the escalating cyber competition introduces significant risk. The global economic cost of cybercrime is projected to be in the trillions of dollars. A direct cyber conflict could lead to severe supply chain disruptions, operational halts, and increased espionage targeting intellectual property, particularly in the technology and defense sectors. This environment necessitates that companies view cybersecurity as a strategic imperative to mitigate exposure. In response to foreign threats, China has implemented its own comprehensive legal framework to protect what it designates as "critical information infrastructure" (CII). Regulations effective since September 2021 mandate that operators of CII in sectors like telecommunications and energy establish robust security management, conduct risk assessments, and share threat information with the government.