China has likely reached the same level as the United States in offensive cyber capabilities, according to a new Dutch intelligence report.
Quick Summary – TLDR:
- Dutch intelligence says China may now match the US in offensive cyber power.
- Many Chinese cyber operations remain undetected and unmitigated.
- Hackers are increasingly targeting routers, firewalls, and VPN systems.
- Google reports a sharp rise in zero day exploit usage by China linked groups.
- Critical infrastructure and telecom networks face growing risks.
What Happened?
The Netherlands’ Defence Intelligence and Security Service released its 2025 annual report highlighting China’s growing cyber strength. The agency stated that China has likely reached parity with the United States in offensive cyber operations. This marks a stronger stance than recent US intelligence assessments.
The report also warned that many Chinese cyber activities go unnoticed, with only a limited portion detected and addressed by security agencies.
PLA Cyber Units Target Edge Devices
The report reveals new details about Chinese military cyber units competing to exploit vulnerabilities in edge devices. These include:
- Routers
- Firewalls
- VPN systems
The restructuring of China’s military cyber operations in 2024 led to the creation of the Cyberspace Force, replacing the Strategic Support Force. According to the Dutch agency, this change helped improve flexibility and speed in cyber operations.
A past case highlighted in the report involved COATHANGER malware, which infected over 20,000 FortiGate systems globally through a known vulnerability.
Google Confirms Rise in Zero Day Attacks
Google’s Threat Intelligence Group supported these findings, reporting a sharp increase in zero day exploitation:
- 90 zero day vulnerabilities were exploited in 2025.
- China linked groups used at least 10 zero days, double from 2024.
- More than half targeted edge and networking devices.
These devices are often harder to monitor, making them attractive targets for espionage campaigns.
Salt Typhoon Campaign Targets Telecom Sector
The report also confirmed activity from Salt Typhoon, a China-linked hacking group. The attackers gained access to routers at smaller Dutch internet providers but did not move deeper into internal systems.
Telecom companies remain a high priority target because they offer access to valuable communication data. A broader international advisory linked this campaign to three Chinese technology firms.
Growing Risks to Critical Infrastructure
The findings point to increasing risks across key sectors, including:
- Energy systems
- Transportation networks
- Water infrastructure
- Communications networks
Security agencies warn that groups like Volt Typhoon may already be positioned inside systems, potentially preparing for future disruption.
China’s cyber focus also extends to advanced industries such as:
- Semiconductors
- Quantum computing
- Aerospace technology
In response, the Netherlands updated its espionage laws in 2025, making cooperation with foreign intelligence services a criminal offense.
SQ Magazine Takeaway
I think this is a wake up call that cannot be ignored. For years, Western agencies described China as a strong cyber player, but this report clearly says China is now on equal footing with the US. What stands out even more is the admission that most attacks are not even detected. That is the real concern.
If this trend continues, we are not just looking at cyber espionage but a future where critical infrastructure could be disrupted at scale. Governments and companies need to act faster, because right now, attackers seem to be moving quicker than defenders.
