What do Volt Typhoon, Salt Typhoon, and Flax Typhoon reveal about China's cyber playbook? This episode of Cyber Focus breaks down a new McCrary Institute report on China's advanced persistent threat campaigns—and what they mean for U.S. national security. Frank Cilluffo sits down with Mark Montgomery, Brad Medairy, and Bill Evanina to explain how China is embedding itself in American infrastructure, telecom, and data systems. They warn that Beijing is laying the groundwork for future conflict and that the U.S. response has been dangerously slow. The guests call for stronger deterrence, better public awareness, and a renewed focus on the economic toll of cyber theft.

Main Topics Covered

• China's long-term cyber threat strategy
• Volt Typhoon and infrastructure targeting
• Salt Typhoon and telecom espionage
• Flax Typhoon and persistent access
• Gaps in U.S. cyber deterrence
• Economic costs of IP theft

Relevant Links and Resources

McCrary Institute Typhoon Report

Booz Allen October 2025 China report

Key Quotes:

"Each year we can say the threat has grown. And I would say the leading driver of that growth in the cyber threat environment in the United States is China." — Mark Montgomery

"China is using cyberspace to project power. And as a nation, I think that we need to recognize this threat." — Brad Medairy (~05:50 )

"Until people believe that [China's cyber actions] matters to them, we're not going to get the kind of actions we need." — Mark Montgomery

"China['s] … offensive cyber tradecraft is going to be AI enabled. They're going to be able to deliver effects and capabilities at pace that we never imagined. — Brad Medairy

"I think the Chinese want not only us, but they want the world to know that they're inside… Xi wants… the world to know that he can do this." — Bill Evanina

"We have to expeditiously get into place where we could harden ourselves so the railroad could work, the ports work, the electricity grids work. We're not ready. We're nowhere near ready." — Bill Evanina

Guest Bios:

RADM Mark Montgomery (Ret.) is Senior Director of the Center on Cyber and Technology Innovation and a Senior Fellow at the Foundation for Defense of Democracies. He also serves as Executive Director of Cybersolarium.org, a nonprofit advancing the recommendations of the Cyberspace Solarium Commission, which he led from 2019 to 2021. Previously, he was Policy Director for the Senate Armed Services Committee under Senator John McCain, following a 32-year career as a nuclear-trained surface warfare officer in the U.S. Navy, retiring as a Rear Admiral in 2017.

Bill Evanina is the Founder and CEO of the Evanina Group, where he advises corporate boards and CEOs on strategic risk, counterintelligence, and national security threats. He served as the first Senate-confirmed Director of the National Counterintelligence and Security Center (NCSC), leading U.S. government efforts to defend against espionage and foreign influence. A 24-year FBI veteran, Evanina held senior roles in both counterintelligence and counterterrorism and previously led the CIA's Counterespionage Group. He also chairs national and international security boards and is an instructor at the University of Chicago.

Brad Medairy is an Executive Vice President at Booz Allen Hamilton, where he leads the firm's cybersecurity business and supports national-level clients including the FBI, DHS, DOD, U.S. Cyber Command, and the Intelligence Community. He focuses on protecting critical infrastructure, securing emerging technologies, and defending against advanced cyber threats. Medairy leads multidisciplinary teams that integrate AI, cloud, and cyber operations to deliver full-spectrum solutions. He has been recognized as a Top 50 Cybersecurity Leader and Cyber Executive of the Year, and holds degrees from UMBC and Johns Hopkins University.