Booz Allen warns China’s AI-driven, supply chain cyber strategy fuels PRC dominance
A new report from Booz Allen Hamilton identified that the People’s Republic of China (PRC) has developed a sophisticated and persistent cyber acceleration strategy that enables it to conduct global cyber operations with remarkable scale and effectiveness. From infiltrating governments to manipulating supply chains and shaping online narratives, China’s cyber activities are both widespread and impactful. However, the true extent of its success remains poorly understood.
Titled ‘Breaking Through: How to Predict, Prevent, and Prevail over the PRC Cyber Threat,’ the 88-page report provides an in-depth look at how China transforms individual cyber operations into strategic advantages. It explores the key force multipliers, such as AI, contested attribution, and exploitation of edge devices, which fuel China’s cyber power, and outlines actionable strategies for the U.S. and its allies to disrupt and contest these operations across global theaters.
Booz Allen reports that Beijing is building a cyber-enabled positional advantage that gradually erodes U.S. strategic initiative across time, terrain, and tempo. These changes may fundamentally constrain how the U.S. coordinates, responds, and competes. China’s cyber strategy exploits four key force multipliers: trusted-relationship compromise, edge device exploitation, AI acceleration, and attribution contestation. These methods maximize operational reach, stealth, speed, and deniability.
Abusing trusted relationships gives the PRC a strategic edge by establishing persistent access that bypasses traditional cyber defenses, thereby weakening U.S. response capabilities. Additionally, China’s dominance in exploiting network edges creates systematic access advantages, diminishing U.S. situational awareness and accelerating decision cycles beyond U.S. capabilities.
The report recognized that AI accelerates PRC cyber operations by enabling speed and precision across reconnaissance, exploit and malware development, targeting, and data processing. PRC actors are using AI to overcome structural barriers that have long constrained Beijing’s influence in foreign information environments. The PRC’s shift from denying to contesting attribution risks fragmenting allied responses and preserving PRC freedom to operate below escalation thresholds.
Furthermore, PRC cyber operations aim to constrain U.S. power in three strategic arenas by eroding agility and escalation control in East Asia, fracturing alliance coordination in Europe and the Five Eyes, and embedding economic and geopolitical leverage across the developing world. Without deliberate national action, the PRC’s cyber and influence gains may harden into structural advantages, potentially reshaping the global operating environment in its favor.
Booz Allen mentioned that vendor-enabled access remains a critical enabler for PRC cyber operators seeking durable, low-friction entry into hardened networks. Rather than relying exclusively on phishing or exploit-based intrusion, PRC-linked actors have increasingly abused trusted relationships between service providers and their clients. These intrusions often exploit VPN credentials, remote support tools, or compromised software updates, allowing access through authorized, allowlisted channels.
This model is particularly effective in sectors where vendor connections are managed as exceptions to otherwise strict segmentation, such as government and operational technology-reliant sectors, which include 13 of 16 designated U.S. critical infrastructure sectors. PRC operators increasingly treat vendor access as a scalable intrusion vector for multi-target operations across shared ecosystems. This approach reflects a shift toward establishing presence inside vendor environments to enable broader client access. Cloud-based infrastructure and centralized administration have expanded the reach and efficiency of this model, allowing PRC actors to conduct scalable campaigns while minimizing exposure and resource expenditure.