CHINA WATCH

The Trump Administration’s Cyber Strategy Fundamentally Misunderstands China’s Threat

By Matthew Ferren

Published 29 January 2026

The adoption of an offense-first strategy is a dangerous miscalculation. It will not diminish Beijing’s campaigns, and it coincides with a significant deterioration of cyber defenses that have kept U.S. networks and Americans safe.

Against a steady drumbeat of ransomware attacks, data breaches, and sophisticated intrusions, President Donald Trump’s administration is preparing to release a new national cybersecurity strategy this month centered on offensive cyber operations. Senior officials have repeatedly emphasized hitting back at the hackers and nation-states who have compromised U.S. networks with seeming impunity. If early signals are any indication, the strategy will treat offense as the primary solution to the United States’ cybersecurity challenges.

Meanwhile, the administration has weakened the foundations of U.S. cyber defenses. The Cybersecurity and Infrastructure Security Agency (CISA) has seen its budget reduced and staffing slashed, and the agency still lacks a Senate-confirmed director. Similar cuts have affected cyber defense offices across federal agencies, and the administration is rolling back cybersecurity requirements for critical infrastructure operators.

This combination—more offense, less defense—reflects a seductive logic: why play defense when you can take the fight to the enemy? But against China, now the most active and persistent cyber threat to U.S. networks, an offense-first strategy is a dangerous miscalculation. Cyber operations cannot stop or even substantially diminish Beijing’s campaigns. Doubling down on offense while neglecting defense will leave the United States more vulnerable, not less.

The Allure of Cyber Offense
Since 2018, the Pentagon has pursued an increasingly proactive approach to cyberspace competition under the doctrine of “persistent engagement.” Instead of waiting for attacks to reach U.S. networks, U.S. Cyber Command would disrupt malicious activity at its source—dismantling adversary infrastructure, degrading their tools, and frustrating operations before execution. Disrupt enough infrastructure, burn enough access, keep attackers perpetually off balance, and eventually you neutralize the threat.

Successive administrations have empowered Cyber Command with expanded authorities, streamlined approvals, and increased resources to do exactly this. This paradigm has produced genuine successes. Cyber Command has dismantled ISIS’s online propaganda infrastructure, countered Russian election interference, and disrupted ransomware groups.

For policymakers, cyber operations offer an attractive alternative to harder choices: they appear to punish adversaries without requiring difficult legislative battles over cybersecurity regulations, expensive infrastructure investments, or escalation beyond cyberspace. But what works against terrorist propagandists and criminal networks will not work against China.

Why China Is Different
China’s cyber apparatus operates at unprecedented scale. Under President Xi Jinping, Beijing has modernized its military and intelligence cyber units while building a vast support ecosystem of private contractors, universities, and technology firms that provide infrastructure, capabilities, and operational assistance.