Salt Typhoon SentinelOne Analyst So Wrong About China it Should be a Crime

Dakota Cary’s statement to the press that “it is inconceivable the U.S. would ask a private company to hack Xi’s phone” is so spectacularly wrong given the mountain of evidence showing the U.S. has been using private companies for offensive intelligence operations for decades that it raises serious questions about SentinelOne’s analytical capabilities.

The contrast between his confident false assertion and the documented truth is striking—perhaps America really can’t use private assets for hacking anymore because they’re apparently so bad at their jobs that “cyber” analysts don’t even know basic operations history.

From Lockheed’s Cold War spy planes to today’s billion-dollar cloud contracts, the U.S. intelligence community has consistently relied on private contractors for its most sensitive operations—including offensive cyber capabilities that could (and would) absolutely target foreign leaders. Who killed Hammarskjold? Mondlane?

China’s recent Salt Typhoon operation, while unprecedented in scale, represents not a departure from American practice but rather an adaptation and expansion of the privatized intelligence model the United States undoubtedly pioneered as an adaptation of the British program.

The Cold War was privatization of American intelligence

The marriage between U.S. intelligence agencies and private contractors began in earnest with the U-2 spy plane program in 1954. The CIA awarded Lockheed a $22.5 million contract, and within eight months, Kelly Johnson’s “Skunk Works” delivered an aircraft capable of photographing Soviet military installations from 70,000 feet.

This wasn’t merely procurement—it was the birth of a model where private companies became integral partners in America’s most classified operations. By 1959, Lockheed was building the CORONA reconnaissance satellites, with the entire program disguised as the civilian “DISCOVERER” scientific mission. These partnerships established a pattern: private companies didn’t just supply equipment; they designed, built, and sometimes operated the systems that formed the backbone of American intelligence gathering.

The telecommunications sector proved equally crucial. Project SHAMROCK, running from 1945 to 1975, saw Western Union, RCA Global, and ITT World Communications voluntarily provide the NSA with copies of all international telegrams entering or leaving the United States—without warrants, court orders, or even written agreements. At its peak, the program analyzed 150,000 messages monthly.

The companies cooperated based purely on patriotic appeals and informal assurances from the Attorney General. When the Church Committee exposed these activities in 1975, Senator Frank Church called it “probably the largest government interception program affecting Americans ever undertaken.” Yet even after congressional reforms and the Foreign Intelligence Surveillance Act of 1978, the fundamental reliance on private sector cooperation only deepened.

If you say Church and a “cyber” expert says “who”, it is a sure sign they aren’t prepared enough yet.

Perhaps most telling was Air America, the CIA’s proprietary airline that operated from 1950 to 1976. With over 300 pilots and a fleet including Boeing 727s and 30 helicopters, it conducted everything from arms delivery to search-and-rescue operations across Southeast Asia. The company maintained commercial cover while executing covert operations, demonstrating how thoroughly the agency could integrate private entities into intelligence work.

I’ll never forget reading the report of the American contractors who said a Vietcong woman they had captured for interrogation willfully threw herself to death from their helicopter. It had all the hallmarks of Apartheid’s Dr. Death, renowned for throwing Black rights activists out of helicopters over the Indian Ocean.

This pattern wasn’t just about contracting—it was the complete fusion of commercial enterprise with intelligence operations.

Post-9/11 transformation was even more intelligence contracting

The September 11 attacks triggered an unprecedented expansion of intelligence privatization. By 2016, approximately 70% of the U.S. intelligence budget—roughly $50 billion annually—flowed to private contractors. Five companies came to dominate this landscape: Leidos, Booz Allen Hamilton, CACI International, SAIC, and CSRA, collectively employing 45,000 cleared personnel representing 80% of the total contractor workforce. Booz Allen Hamilton alone, which Bloomberg called “the world’s most profitable spy organization,” earned $5.8 billion in 2013 with nearly a quarter coming from intelligence agencies.

Edward Snowden’s 2013 revelations, while working as a Booz Allen contractor, exposed the depth of private sector integration in surveillance operations. The PRISM program involved Microsoft, Yahoo, Google, Facebook, Apple, and others providing the NSA with direct access to user data, with 98% of PRISM production coming from just Yahoo, Google, and Microsoft. Meanwhile, Palantir Technologies, after receiving initial funding from the CIA’s venture capital arm In-Q-Tel, developed tools to make the NSA’s XKeyscore surveillance data more searchable and actionable. Internal documents revealed Palantir software was designed specifically to integrate with XKeyscore, enabling analysts across the Five Eyes intelligence alliance to visualize and analyze massive surveillance datasets.

The cloud computing revolution further cemented these relationships. Amazon Web Services won the CIA’s C2S contract worth $600 million in 2013, followed by the “WildandStormy” contract worth up to $10 billion in 2021 to modernize the NSA’s classified data repositories. The broader Commercial Cloud Enterprise (C2E) contract, valued at “tens of billions” over 15 years, brought AWS, Microsoft, Google, Oracle, and IBM into the intelligence community’s core infrastructure. These weren’t traditional procurement relationships—they represented the wholesale migration of America’s most sensitive intelligence capabilities onto commercial platforms.

I know, because I helped lead the offensive dimension: Private contractors in U.S. cyber operations

The evidence for private contractor involvement in offensive U.S. cyber operations is overwhelming and directly contradicts any notion of operational restraint. The Stuxnet operation against Iran’s nuclear program, arguably history’s most sophisticated cyberweapon, required extensive private sector expertise. Foreign Policy reported that earlier attacks on Iran’s Natanz facility used “field equipment used by contractors working on Siemens control systems,” while the final Stuxnet variant likely entered Iranian systems via Russian contractors’ USB drives. The operation’s success depended on deep knowledge of industrial control systems that resided primarily in the private sector.

The NSA’s Tailored Access Operations (TAO), now renamed the Office of Computer Network Operations, employs over 1,000 personnel including significant contractor presence. TAO’s explicit mission includes targeting “foreign leaders” and their communications. The unit has expanded to multiple locations across the United States and routinely outsources development of cyberespionage tools to private contractors. Companies like Raytheon Blackbird Technologies developed the UMBRAGE Component Library for the CIA, while Siege Technologies created the Athena and Hera malware systems. The 2017 Vault 7 leaks revealed that 70% of the CIA’s cyber arsenal was contracted out, with 91 malware tools among the 500+ in the leaked materials.

The zero-day exploit market provides perhaps the clearest evidence of private sector involvement in offensive operations. Reuters reported in 2013 that the U.S. government is the “biggest buyer in the burgeoning gray market” for software vulnerabilities. Companies like Zerodium openly offer up to $2.5 million for mobile operating system exploits, while Crowdfense advertises $5-7 million for iPhone zero-days. These exploits aren’t defensive tools—they’re offensive weapons designed to compromise foreign systems, potentially including those of foreign leaders. Former NSA personnel have established companies like IronNet Cybersecurity and joined firms like the Chertoff Group, creating a revolving door that ensures private sector capabilities remain aligned with intelligence community needs.

Salt Typhoon is China’s adaptation of the American model

China’s Salt Typhoon operation represents a sophisticated evolution of the privatized intelligence model. Active since at least 2019, the campaign has compromised over 200 companies across 80 countries, including at least nine major U.S. telecommunications providers. The operation specifically targeted high-profile political figures including Donald Trump, JD Vance, and Kamala Harris campaign staff, while accessing metadata for over one million users in the Washington D.C. area.

The three companies involved—Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology, and Sichuan Zhixin Ruijie Network Technology—aren’t mere fronts but functioning businesses providing cyber services to China’s Ministry of State Security and People’s Liberation Army. This represents a crucial distinction: while U.S. contractors often maintain degrees of independence and work with multiple clients, these Chinese firms appear more tightly integrated with state intelligence operations, reflecting China’s civil-military fusion doctrine.

What makes Salt Typhoon particularly sophisticated is its focus on compromising the very wiretap systems that U.S. law enforcement uses for lawful intercepts. By infiltrating these systems, Chinese operators gained access not just to general communications but to the specific targets of U.S. government interest. The operation used known vulnerabilities rather than zero-days, employing “living off the land” techniques that made detection extremely difficult. The persistent access achieved—maintained for months to years in some cases—provided both intelligence collection and potential disruption capabilities.

SentinelOne is bonkers: Dakota Cary’s claim in context

Dakota Cary’s statement that “it is inconceivable the U.S. would ask a private company to hack Xi’s phone” appears to reflect either diplomatic discretion or a fundamental misunderstanding of U.S. intelligence operations. The documented evidence overwhelmingly demonstrates that the United States has not only asked but routinely contracted private companies to develop and deploy offensive cyber capabilities that could absolutely target foreign leaders.

Consider the specific capabilities revealed in the Vault 7 leaks: tools to compromise smart TVs, smartphones, and vehicles—precisely the technologies foreign leaders use daily. The NSA’s TAO unit explicitly lists foreign leaders among its targets, and its operations have included intercepting laptops ordered by high-value targets before delivery. The CherryBlossom project compromised wireless infrastructure in “bars, hotels, airports”—locations frequented by traveling officials. These aren’t theoretical capabilities but operational tools developed with extensive private contractor involvement.

The distinction Cary attempts to draw—between China using private companies for offensive operations and supposed U.S. restraint—collapses under scrutiny. The U.S. intelligence community has spent decades building precisely the kind of public-private partnerships that enable such operations. The difference lies not in whether private companies are involved but in the specific organizational models: the U.S. operates through a more distributed contractor ecosystem with greater corporate independence, while China’s approach features tighter state control and civil-military fusion.

A convergence of intelligence models

What emerges from this analysis is not a story of fundamentally different approaches but rather a convergence toward hybrid public-private intelligence capabilities. The United States pioneered this model during the Cold War, formalized it through the Church Committee reforms, and exponentially expanded it after 9/11. China has studied and adapted these practices, creating its own version that reflects Chinese governmental structures and strategic priorities.

Both nations now operate through complex ecosystems where the boundaries between government agencies and private contractors have become increasingly blurred. In the United States, 70% of the intelligence budget flows to contractors who develop offensive tools, operate surveillance systems, and provide analytical capabilities. In China, companies like those behind Salt Typhoon function as extensions of state intelligence while maintaining commercial operations. Both models provide plausible deniability, technical expertise, and operational flexibility that pure government operations cannot match.

The real insight from comparing Salt Typhoon to U.S. operations isn’t that China has crossed some unprecedented line—it’s that the privatization of intelligence and cyber operations has become the dominant model globally. The “inconceivable” has not only been conceived but operationalized, documented, and refined over decades of practice by the very nation that now expresses surprise at China’s adoption of similar methods.

Wrap Up

The parallel histories of American and Chinese intelligence privatization reveal a fundamental transformation in how nations conduct espionage and cyber operations. The United States established and refined the model of deep public-private integration in intelligence work, from Lockheed’s Cold War reconnaissance programs to today’s multi-billion-dollar cloud computing contracts and zero-day exploit purchases. China’s Salt Typhoon operation, while remarkable in scale and sophistication, represents an evolution of these established practices rather than a revolutionary departure.

Dakota Cary’s claim about the inconceivability of U.S. private companies hacking foreign leaders’ phones is contradicted by decades of documented evidence showing extensive private contractor involvement in offensive cyber operations, tools explicitly designed for targeting high-value individuals, and a thriving gray market where the U.S. government is the largest purchaser of offensive cyber capabilities. The surprise expressed at China’s use of private companies for intelligence operations reflects either strategic messaging or a profound misunderstanding of how thoroughly privatized American intelligence operations have become. As both nations continue to blur the lines between state and corporate capabilities in cyberspace, the question isn’t whether private companies will be involved in sensitive intelligence operations—it’s how democratic oversight and international norms can adapt to this new reality where the most powerful surveillance and offensive capabilities increasingly reside not in government agencies but in the conference rooms and data centers of private corporations.

Just ask GM or GE or Ford or…
