Experts press for large‑scale US offensive cyber operations at House hearing

High-profile Chinese intrusions into swaths of critical infrastructure across the nation have prompted cyber analysts and officials to call for a more offensive U.S. approach against foreign hackers. In a House Homeland cybersecurity hearing on Tuesday, experts largely aligned with that sentiment.

In the last year, offensive cyber operations have become a common talking point. At the start of 2026, a U.S. military operation that captured Venezuelan leader Nicolás Maduro involved an “expertise” that allowed cyber operators to shutter the lights in Caracas, President Donald Trump said at the time.

And a sweeping national cyber strategy, expected for release soon, includes a pillar focusing on offensive operations and leaning into partnerships with the private sector to aid in that work.

But witnesses said the goal moving forward should be to embed offensive cyber thinking across all levels of government.

“Cyber is its own domain that transcends all other domains” and the U.S. will be “hamstrung” until it fully integrates cyber and computer network matters into its military doctrine, said Frank Cilluffo, who leads Auburn University’s McCrary Institute for Cyber and Critical Infrastructure.

Talk of using a more forceful cyber approach originated near the end of 2024, as incoming Trump officials and allies scorned China over its hacks into telecom firms in the U.S. and around the world. The hackers also accessed U.S. “lawful intercept” systems that allow the FBI to retrieve targets’ communications with a court warrant. 

Officials and analysts are also tracking another China-tied hacking collective that has burrowed into troves of non-military critical infrastructure. They assess that Beijing intends to sabotage those systems in the event the U.S. military needs to quickly mobilize, especially if it becomes involved in a Chinese invasion of Taiwan.

Joe Lin, co‑founder and CEO of offensive‑focused cyber firm Twenty, told lawmakers the United States “is not postured to deter or defeat its adversaries in cyberspace” despite having some of the world’s most talented operators and cyber warriors.

“These are not episodic breaches,” he said of the Chinese hacking campaigns. “They are continuous, increasingly automated shaping operations designed to hold our society at risk at peacetime and to pre‑position for conflict.”

In contrast, Lin argued, “our response is unnecessarily constrained, particularly in the use of offensive cyber. This restraint has not prevented escalation. It has encouraged it.”

He urged Congress to help “industrialize offensive cyber capabilities,” by turning elite hacking tradecraft into software systems “that execute under human authorization at machine speed.”

Emily Harding, a former CIA officer who now leads intelligence and technology work at the Center for Strategic and International Studies, said the U.S. “has failed to establish deterrence in the cyber domain, and our adversaries right now hold the escalation ladder.”

“U.S. responses to cyberattacks have been muted,” she said, encouraging Congress to stand up a formal U.S. Cyber Force, a long-debated concept among cyber policy practitioners that proponents say gives the U.S. the best chance at combating foreign adversaries in cyberspace.

But American cyberdefenses still remain foundational, Drew Bagley, chief privacy officer at CrowdStrike, told lawmakers. He also cautioned against devolving offensive activity to victimize companies through “hack back” schemes, calling that a recipe for geopolitical blowback.

“Hack back operations risk re‑victimization and collateral damage,” he said. “Ongoing investigations can be disrupted, and retaliation can lead to waves of geopolitical escalation. For these reasons, offense is best left to professionals with relevant authorities, de‑confliction processes and clear oversight.”