Key Takeaways
- The Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) warned of covert, China‑linked networks built from compromised routers, firewalls, NAS devices, and IoT equipment used for espionage and data theft.
- To counter these threats, organizations should inventory edge devices, establish normal‑activity baselines, enhance logging, and enforce multifactor authentication on remote access.
- The Golden Dome missile‑defense program is advancing, emphasizing integrated air and missile defense as a national‑security priority.
- President Trump has nominated Gary Shatswell to serve as Chief Information Officer and Assistant Secretary for Information and Technology at the Department of Veterans Affairs, leveraging his three‑decade blend of private‑ and public‑sector IT leadership.
- The General Services Administration launched the 2026 Presidential Innovation Fellows cohort, placing 17 technologists across ten federal agencies to drive priority technology initiatives.
CISA‑NCSC Advisory Overview
The joint advisory titled “Defending Against China‑Nexus Covert Networks of Compromised Devices” outlines how Chinese state‑sponsored actors—specifically groups like Volt Typhoon and Flax Typhoon—are constructing large‑scale, hidden botnets. These networks exploit vulnerable edge infrastructure such as routers, firewalls, network‑attached storage (NAS) units, and a wide range of Internet‑of‑Things devices including webcams, video recorders, and smart‑home equipment. By compromising these assets, threat actors conceal their origins while conducting espionage, intrusion, and data‑exfiltration campaigns against governmental and private‑sector targets worldwide. The advisory stresses that the scale and evolving nature of these covert networks make them a persistent and growing challenge for defenders.
Why the Advisory Matters
CISA Acting Director Nick Andersen highlighted that the guidance is intended to inform organizations about the strategic use of numerous, evolving covert networks at scale for malicious cyber activity. The warning underscores the broader geopolitical concern that China‑related cyber threats are becoming more sophisticated, leveraging everyday network and IoT devices as footholds. Recognizing this threat landscape is essential for allocating resources, prioritizing defenses, and fostering international cooperation between U.S. and allied cybersecurity agencies.
Recommended Defensive Measures
To mitigate the risk posed by these covert networks, CISA and NCSC recommend a multi‑layered approach. First, organizations should gain a full inventory of network‑edge devices and the assets connected to them, establishing a baseline of normal traffic patterns—particularly for VPNs and other remote‑access services. Second, robust log‑collection and storage capabilities must be maintained to enable timely detection and forensic analysis. Third, implementing multifactor authentication (MFA) for all remote connections significantly raises the barrier for attackers attempting to hijack compromised devices. Finally, CISA urges continual review and application of appropriate mitigation measures, emphasizing that actionable intelligence is a cornerstone of building resilience against evolving cyber threats.
Golden Dome Progress Report
In a separate development, General Michael Guetlein, director of the Golden Dome for America initiative, and Emil Michael, Under Secretary of War for Research and Engineering, presented an update on the next‑generation homeland missile‑defense program during an event at Joint Expeditionary Base Little Creek‑Fort Story in Virginia Beach. Both officials are recipients of the Wash100 Award, underscoring their leadership in defense innovation. Golden Dome aims to integrate air and missile‑defense capabilities across the national security architecture, reflecting a growing emphasis on layered, coordinated protection against aerial threats. The update highlighted advancements in sensor fusion, command‑and‑control interoperability, and intercept technologies, positioning the program as a cornerstone of future U.S. defensive strategy.
VA Leadership Nomination
President Donald Trump has nominated Gary Shatswell to fill the dual role of Chief Information Officer and Assistant Secretary for Information and Technology at the Department of Veterans Affairs (VA). The Senate has received the nomination; if confirmed, Shatswell will succeed Kurt DelBene, who retired from the VA in January 2025. Shatswell brings more than thirty years of executive experience spanning both the private and public sectors. Most recently, he served as a senior adviser to VA Secretary Douglas Collins and previously held the position of Group Chief Information Officer at Unilever Prestige, where he oversaw global IT strategy and digital transformation. His background is expected to bolster the VA’s efforts to modernize health‑care IT systems, improve cybersecurity posture, and deliver seamless digital services to veterans.
Presidential Innovation Fellows Cohort 2026
The General Services Administration (GSA) announced the launch of the 2026 class of Presidential Innovation Fellows, a program that embeds technologists from industry, startups, and other organizations into federal service for one‑year terms. This year’s cohort comprises 17 experts who will be deployed across ten federal agencies, including the Departments of State, Energy, and Veterans Affairs; CISA; the Centers for Medicare and Medicaid Services; the National Institute of Standards and Technology; the National Oceanic and Atmospheric Administration; the U.S. Army Corps of Engineers; and the Coast Guard. Fellows will work on priority government initiatives ranging from cybersecurity modernization and data analytics to climate‑resilient infrastructure and digital service delivery, aiming to inject private‑sector ingenuity into public‑sector challenges.
Conclusion and Upcoming Opportunities
The confluence of these developments illustrates a dynamic U.S. response to emergent threats and opportunities. While the CISA‑NCSC advisory calls for heightened vigilance against China‑linked covert networks, initiatives like Golden Dome and the Presidential Innovation Fellows demonstrate proactive investment in defense capabilities and technological talent. The VA’s prospective CIO appointment signals a commitment to strengthening federal IT leadership. For professionals seeking to engage with these topics, the Potomac Officers Club’s 2026 Cyber Summit (May 21) and the forthcoming 2026 Air and Space Summit offer forums to explore cybersecurity trends, missile‑defense advancements, and innovation strategies in greater depth. Registration is encouraged for those looking to stay at the forefront of national security and technology discourse.