China’s leadership is ready to take its cyberwarfare capabilities to the next level.
For some time, cybersecurity has been “on the bench” while other aspects of Chinese cyber capabilities, mostly those related to the economy, were developed. Under the guidance of the 13th Five-Year Plan, China intends to have a robust architecture in place both for defending against cyberattacks and for launching attacks against their nation-state rivals (read, the United States) by 2025.
Wu Yunkun, president of the Qi An Xin Group, describes the national-security side of cyberspace as being the “network confrontation between nations.” Wu correctly assesses that “informatization supports individuals, enterprises, society, and the country. If informatization is destroyed, these will not survive.”
In a discourse with state media, Wu spoke extensively about his concern regarding China’s supply-chain vulnerabilities and Beijing’s desire to develop “asymmetric” capabilities in the cyberspace domain.
This gels nicely with a recent conversation I had with a senior cybersecurity expert for the US government who was querying me about supply-chain weaknesses, not only for the United States, but for China as well. Both sides of the Pacific are thinking along similar lines.
With the recent debilitating cyberattacks from Russia in the form of the “SolarWinds” hack, the Colonial Pipeline hack, which disrupted much of America’s energy flow, and Russia’s cyberattack on JBS meatpacking plants, Chinese and American cyberwar strategists are concerned about their own vulnerabilities – and intrigued about the possibility of threatening each other’s sensitive supply chains in cyberspace.
While Wu believes his nation is catching up to the Americans in cybersecurity, he senses that China will need to leapfrog the US in this critical strategic domain. This is where Wu’s comments about China needing to develop asymmetric capabilities in the cybersecurity space come into play.
According to Wu, China will need to leverage emerging technologies, such as quantum computing and artificial intelligence, that increase China’s lethality in offensive cyberwarfare operations and better secures critical Chinese systems and sensitive data.
This is precisely the kind of innovative, leap-without-looking pattern of development that has defined China’s meteoric rise since Mao Zedong opened his country to the West in 1972. From that point, China progressed rapidly from an agrarian backwater ruled by an oppressive cult of personality into the world’s second-largest economy (in GDP terms).
Today, China is a nation that has embraced a highly competitive, dynamic pattern of rapid development meant, as Mao said in 1949, to “keep up with the British and beat the Americans.” Mission accomplished on the first order. And, judging from China’s high-tech development of today, it is poised to accomplish Mao’s second order – unless the Americans up their game.
Toward that end, Wu’s company has become a member of China’s Science and Technology Board where it is pioneering what’s known as the “endogenous security framework” to be used mainly by Chinese government institutions and state-owned enterprises. This is a method for reconfiguring a network under attack into a new structure, thereby stymying any potential hacker from accessing and/or disrupting those systems.
Securing Chinese data flows is now a core element of China’s evolving cybersecurity strategy. Concerns about data security explain the recent state crackdowns on Didi, for example.
Because data flows across multiple platforms in cyberspace – and across international borders – Beijing has been concerned that Didi and other applications could become conduits through which American intelligence agencies could conduct wider surveillance in China or launch cyberattacks.
My colleague David P Goldman concurs with this assessment. As Goldman articulates in his recent book You Will Be Assimilated: China’s Plan to Sino-Form the World, because the United States pioneered the initial telecommunications revolution in the previous century, the US intelligence community has enjoyed unprecedented access to international data flows. Now that the great competition for supremacy between China and the United States is underway, Beijing is no longer content with that paradigm.
Denying critical data is yet another weapon in today’s Sino-American quasi-war – as much as depriving critical computer chips to Chinese technology firms is. We are only at the start of the new cybersecurity race between China and the United States. And, as Wu Yunkun argued, America has gotten complacent in cyberspace.
The past year has highlighted the importance of advancing network security in China, not just to match the Americans, but to surpass them. The US and its allies take their network security and their overall information-technology capabilities for granted. Because China seeks to make itself more self-sufficient in cyberspace (without cutting itself off entirely from the world), Chinese experts are reimagining China’s very cybersecurity infrastructure.
In so doing, China hopes to plug whatever gaps may exist in its cyber defenses while at the same time potentially capturing exclusive markets in the creation of new IT services and equipment.
As always, the Sino-American interaction is not static. The US enjoys considerable advantages over China in cyberspace. This fact has not cowed Beijing in the slightest. American technical experts should not rest on their electronic laurels. They should listen closely to the words of Wu Yunkun and other Chinese leaders.
If the United States is to retain its lead in cyberspace, new technologies, such as quantum computing and artificial intelligence, must be readily brought to bear against China in cyberspace and to help defend critical American networks from Chinese attack – before China can do the same to the US. Because China is growing more capable daily.
Inevitably, China will best the Americans unless something drastic is done.