"60 Minutes" Reports on China Cyberattacks
On October 12, 2025, “60 Minutes” aired a compelling segment in which correspondent Scott Pelley interviewed retired four-star general Tim Haugh (former head of both the National Security Agency and United States Cyber Command) about the growing cyber campaign attributed to People’s Republic of China and its implications for U.S. infrastructure. According to Haugh, Chinese actors are no longer just targeting “high-value” military or government systems—they are also probing and embedding themselves within small utilities and service providers across the country, places once considered off the radar.
One example highlighted in the report: the small town of Littleton (Massachusetts), whose electric and water utility network reportedly had Chinese access for years before federal agents intervened. Haugh pointed out that if China is willing to go after a utility in a town of about 10,000 people—without an obvious national-security profile—then every business in America should consider itself a potential target.
Why should this raise concern for all businesses?
First: The tactics described involve stealthy intrusion, credential theft, and long-term positioning rather than immediate destruction—meaning adversaries may already be sitting quietly in networks. Haugh emphasized that “if you are willing to go after a small water provider… what other target is off the list?”
Second: The fact that a state-level adversary is mounting systematic campaigns against non-military, civilian business networks signals the threat landscape has shifted from “large enterprise only” to “any connected organization.”
Third: Businesses often lack the cybersecurity maturity or visibility that government or large enterprises have; smaller organizations may have outdated firewalls, unpatched systems, or weak identity controls—making them ripe for exploitation.
In short, the "60 Minutes" report serves as a warning: The cyber-battlefield is no longer confined to obvious targets. Every company, regardless of size or industry, must treat cybersecurity not as an optional insurance policy, but as a strategic business imperative.
Contact the team at GCG to find out how to defend your company from this growing threat!
Sources: CBS News / The Boston Globe / YouTube