Expert Commentary

China Developing Cyber Capabilities to Disrupt U.S. Military Operations

Martin Libicki
Keyser Chair, Cybersecurity Studies, U.S. Naval Academy

China is a burgeoning great power. It is continually figuring out the various dimensions of power – not least of which is power in cyberspace – and putting them to use. Like other great powers dealing in an unknown medium, it is, to quote Deng Xiaoping, crossing the river by feeling the stones.

China’s external strategies in cyberspace – as distinct from its internal social control policies – can be divided into two parts: the first, before late 2015; the second, after that point. The most notable transition, from the U.S. perspective, has been the agreement to foreswear commercial cyberespionage.

Less well noted, but of comparable importance, has been the formation of its Strategic Support Force, which has combined the cyber warriors of the Chinese People’s Liberation Army (PLA), its electronic warriors, and a large chunk of those conducting intelligence, surveillance, and reconnaissance, notably from space.

Around 2000, Chinese leaders viewed cyberspace as new and potentially threatening. For a while, it appeared as though China would use a People’s Army approach to cyberspace operations – letting motivated cadres of private hackers harass those identified as China’s enemies. Partially obscured by such well-noticed activity was a more systematic approach, in which state-paid hackers infiltrated foreign defense ministries and defense-oriented firms and harvested the business and technology secrets of commercial entities in developed countries.

It was the 2013 report by the American cyber security firm Mandiant that located these Chinese hackers firmly within the PLA. Beijing also aggressively infiltrated systems belonging to political opponents such as the Free Tibet movement and Falun Gong, as well as media outlets such as the New York Times. They attacked Github – a U.S. website with the temerity to host information on how to circumvent censorship – with a distributed-denial-of-service attack. During the same period, there were unconfirmed reports that China had infiltrated the U.S. electricity grid and had penetrated several natural gas companies.

When the U.S. started taking issue with China’s cyber espionage around 2008 to 2010, China blandly denied it had done anything untoward at all or at least anything different from what others do. Meanwhile, China’s expectations about what it might gain from commercial espionage started to decline. Merely stealing computer files was generally not sufficient for China’s engineers to copy the technology to which these files pertained. By the time the incidents described in U.S. indictments took place, Chinese spies had shown much more interest in proprietary data, such as American companies’ business strategies, than in technology itself. 

Slowly but surely, Western defenses against Chinese cyber espionage were beginning to get stiffer. China’s leadership was also starting to fear that spying on overseas corporations was distracting the PLA from its military mission as well as encouraging a capability that could imperil China’s own development of intellectual property. A combination of declining returns and increasing risks on the one hand and the prospects of U.S. sanctions on the other led Chinese President Xi Jinping to agree to end Chinese commercial cyber espionage against first the United States, then the United Kingdom, and finally the other G-20 nations.

Since that agreement, commercial cyber espionage by China has decreased substantially, albeit not completely. There are some indications that China’s interest is turning toward spying on Russian corporations, less for the latter’s commercial secrets and more for its military technologies. Meanwhile, China remains interested in national security and diplomatic secrets of others, even if its leaders may avoid repeating something like the OPM hack – which although deemed “legitimate” by leaders of the U.S. intelligence community may have caused unexpectedly serious irritation in Washington.

China, like other nations, has had far less practice at cyber warfare than cyber espionage, so anticipating its intentions and plans isn’t easy. The best guess is that Chinese cyber warfare will be focused on supporting conventional military operations as opposed to assuming an independent role in strategic warfare, as U.S. Cyber Command seems to be doing, or to bolstering information operations to influence and manipulate public perceptions and policy in other nations, as Russia seems to be doing. 

China’s external military planning these days is dominated by the fears of a massive U.S. intervention into Asia, against which China is planning an anti-access and area-denial military strategy. Much of that strategy consists of neutralizing the logistics and communications infrastructure that permits U.S. forces to operate so far from home.  China’s long-range sensors and anti-ship missiles are part of its strategy, and so is its development of anti-satellite capabilities. China is pursuing the ability to corrupt U.S. information systems – notably, those for military logistics – and disrupt the information links associated with command and control. The latter is also tailor-made for electronic war – hence the overall moniker for its effort, “Integrated Network-Electronic Warfare.”

China’s relative lack of interest in strategic war is consistent with its maintaining a nuclear force adequate for deterrence, but far smaller than it could have afforded. Despite the 1998 publication, “Unlimited Warfare,” China has apparently given scant systematic thought to how to leverage cyberwar capabilities for coercive purposes in either a peacetime crisis or during times of conflict. This, however, has not prevented China from engaging in low-level harassment of countries, such as South Korea, that infringe on Chinese perquisites.  

Although Chinese military rhetoric is borrowed less and less from Mao Zedong and more from Sun Tzu, Beijing has yet to operationalize the latter’s dictum that the acme of war is to win without fighting. China evidences little sophistication about the conduct of external information operations, much less how cyberwar can fit into such operations – they lag behind the Russians.

China’s leaders emphasize sovereignty and non-interference in their internal affairs over everything else. Apart from that, they really do not believe that great powers need to accept as legitimate restrictions on their own behavior – even if wise countries recognize that adherence to rules will keep others off their back. For them, it is power, not rules, that matter.

CLICK TO ADD YOUR POINT OF VIEW

Share your point of view

Your comment will be posted pending moderator approval. No ad hominem attacks will be posted. Your email address will not be published. Required fields are marked *

The Author is Martin Libicki

Martin Libicki holds the Keyser Chair of cybersecurity studies at the U.S. Naval Academy.  In addition to teaching, Libicki is an adjunct management scientist at the RAND Corporation, carrying out research in cyberwar and the general impact of information technology on domestic and national security. He previously spent 12 years at the National Defense University, three years on the Navy Staff as program sponsor for industrial preparedness, and three years at the GAO.

Learn more about The Cipher Brief's Network here.