As hard as it might be to believe, even the nosiest members of the Chinese government don’t care that you just got back from Cancun or that you have a dog named Buddy—regardless of how unquestionably adorable you might think he is. Dangerous nation-states are not stealing your online data because they’re particularly interested in you, your job or the peculiar amount of time you spend watching TikTok videos (which is owned by a Chinese company) of dancing cats. They’re after something far more sinister—they want to piece together your personal data with that of millions of other Americans to create a piecemeal picture of how our society works as well as it’s inherent weaknesses.

This is not some innocent, curiosity-driven science experiment into the peculiarities of Western culture. As the heads of the FBI and MI5 recently highlighted in their joint statement about the security threat posed by China, these cyberattacks are being carried out with malicious intent. The more they can understand about our society, the more effectively they can undermine it and completely destroy our way of life.

The situation has never been as critical as it is now. Christopher Wray, director of the FBI, revealed earlier this year that the organization is finding a new case of Chinese intelligence operations every 12 hours. At the time of speaking, there were already over 2,000 open investigations into incidents of the Chinese government attempting to steal U.S. information. Furthermore, the MI5 chief announced that U.K. intelligence had been forced to double its work against Chinese cyber activity in the last three years, and that it would be doubling this again in the near future. This follows the detrimental 2021 attack on Microsoft Exchange servers, for which China was condemned by the U.S., NATO and EU.

The specific targets of these attacks are you, me and every other member of the public. Unless we want to helplessly remain as sitting ducks, we need to practice collective cyber defense. This is a society-wide collaboration of cyber-security measures, incorporating everyone from governmental organizations and intelligence departments down to small businesses and civilians. We all need to take the responsibility to bolster our cyber defense habits—not for the sake of ourselves, but for the sake of Western society.

Former U.S. secretary of Homeland Security, Kirstjen Nielsen, made a speech rightly underlining the need for a “whole-of-society” approach in order to salvage this situation, rather than relying solely on existing intelligence mechanisms and flimsy anti-viral software. We can look to Estonia to provide us with a blueprint; after being attacked by Russia in 2007, the northern European nation set up the Cyber Defence Unit (CDU). Like the U.S.’ Civil Air Patrol, the CDU is a state-sponsored, citizen-led program that seeks to enhance the country’s cybersecurity, while also improving awareness of the extent of the problem, and how the public can come together to defend against it. Cyber defense is critical, but in a hot war it is even more important—as exhibited by the Ukrainian volunteer cyber army, and the damage it has inflicted on its Russian enemy. The U.S. has recognized the importance of this domain through the appointment of a cyberspace ambassador, which is a welcome step.

The more we can collectively strengthen our cyber defenses, the more costly, time-consuming and unappealing the process will be for hackers. At the moment, conducting a cyberattack is far cheaper than installing cybersecurity; gaining access to personally identifiable information costs less than $200, while a recent Deloitte report highlighted that a low-end cyberattack costing just $34 per month could easily return $25,000.

However, we are already seeing evidence that collective cyber defense can help to push up the cost-of-entry for hackers. A Group-IB cybersecurity services study showed that the average price a hacker would have to pay for a phishing kit more than doubled from 2018 to 2019. This was instigated by the collective, widespread introduction of enhanced phishing controls.

On an individual level, it is crucial that we all practice sensible cyber hygiene. If you’re the kind of person that has your mother’s maiden name as your password for everything, it’s safe to say that it’s time to rethink your cybersecurity strategy. Similarly, we need to be wary of how much we share on social media—we must assume that everything we post could be seen by anybody, including foreign governments. Would you take out a headline in the paper saying, “I’m on holiday and my house is empty for the next two weeks”? No, but you would happily post it for the world to see on Twitter.

Some still argue that the FBI, MI5 and Western world leaders are overblowing the extent of the current cybersecurity crisis, and that this is merely another leftover symptom of the West’s Cold War-era paranoia. Does it really matter if China sees me post about what I’m having for breakfast, and if it learns that Westerners usually start with pancakes? What can they do with this information? Maybe not hack into our fridges, but they can certainly attempt to manipulate the cost of milk and eggs.

In all seriousness, we need to appreciate that the more China learns about our habits—not what we eat for breakfast, but the kinds of articles we read, what appeals to us in politicians, and how we respond to media, for instance—the more it can shake and ultimately shatter the foundations of our society. Russia has regularly been accused of tampering with U.S. elections, while only recently the FBI stated that the Chinese government had directly interfered with a congressional election in New York this spring. They were worried that a critic of China (and a former Tiananmen Square protester) would get into office, and subsequently attempted to undermine his campaign through nefarious hacking.

It is time to wake up to the fact that the focus of foreign governments is no longer on world leaders and their intelligence apparatus. They are centered on you. Every time you turn on your phone and watch a TikTok video, scroll through Instagram or Google the latest baseball results, the cold eyes of China and Russia stare unblinkingly back at you. It’s up to you—and all of us—to stop them.

Kevin L. Jackson is a former U.S. intelligence officer and the SVP, Total Network Services, and co-inventor of the Universal Communication Identifier (UCID). UCID is the device monitoring component of Gabriel Crypto collective cyber defense application.

The views expressed in this article are the writer’s own.