President Joe Biden’s July 27 warning about a “shooting war” arising from cyberattacks underscores the fraught state of US-Chinese strategic relations.

“I think it’s more likely we’re going to end up – well, if we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great consequence,” Biden said during a speech at the Office of the Director of National Intelligence. “And it’s increasing exponentially – the capabilities.”

Significantly, the remarks were made available in a text circulated by the White House press office; they were not a spontaneous outburst by the president.

The United States and its allies last week denounced China for complicity in attacks on the Microsoft Exchange email server, and China responded by accusing the Central Intelligence Agency (CIA) of hacking Chinese systems.

A Foreign Ministry spokesman cited a 2020 report by the Chinese cybersecurity firm 360 Core Security claiming that a CIA hacking group called APT-C-39 conducted industrial espionage against Chinese companies.

US President Joe Biden addresses the Intelligence Community workforce and its leadership while on a tour at the Office of the Director of National Intelligence in McLean, Virginia, on July 27, 2021. Photo: AFP / Saul Loeb

If the intelligence world is a wilderness of mirrors, as James Angleton said, cyber warfare is a wilderness of nanometers. Unless an insider leaks information to the outside world, it is impossible to know what intelligence services are doing and any information offered to the media is almost certainly false.

But both Washington, by warning Beijing that cyberattacks might provoke a shooting war, and Beijing, by taking emergency measures to ensure the security of its own networks, are signaling an extreme level of concern.

This does not appear to be a drill.

China’s crackdown on ride-hailing app Didi just after its New York initial public offering earlier this month was widely interpreted as a smack-down of Chinese entrepreneurs by the Communist Party.

Getting tough on those Internet unicorns was seen as arising out of the Communist Party’s rancor at the appearance of inequality from private tutoring companies, and the pay of ride-hailing and food delivery drivers.

Security, however, was clearly framed as the issue earlier this week when Tencent’s ubiquitous WeChat app, which does everything from online payments to social media, suspended new registrations until August.

“We are currently upgrading our security technology to align with all relevant laws and regulations,” Tencent told the Reuters news service. “During this time, registration of new Weixin personal and official accounts has been temporarily suspended. Registration services will be restored after the upgrade is complete, which is expected in early August.”

WeChat has 1.24 billion users. The impact on China is bigger than a suspension of Facebook, Instagram and Apple Pay downloads would be in the United States. Downloads of other popular Chinese apps have been suspended as well, including the Toutiao news app offered by ByteDance, the parent of TikTok. Again, security appears to be the foremost issue.

China is deeply worried about its system vulnerabilities, as Wu Yunkun, the president of Qi’anxin Technology Group, told the “Observer” website (a news and opinion outlet close to the State Council) in a July 13 interview. (The text can be read with popular Internet translation programs.)

Wu is especially worried about the application of artificial intelligence to hacking: If an intruder extracts enough personal information about a target, AI can create a bot that credibly imitates the cyber presence of the target.

China’s internet companies operating overseas, Wu added, may represent a vulnerability of protected data:

For example, at this time, data such as national security data, corporate internal data, social data, and personal privacy data may be distributed among different operating entities.

They may come from companies such as [ride-hailing app] Didi. They may also come from the Ministry of Human Resources and Social Security.

If there are no legal restrictions, the main responsibility is not clear, and the benchmarking of the United States and Europe is actually very important in this regard.

More importantly, if these four parts of data flow across borders, it will cause national security issues. Personal, corporate, and social data may be protected at home, but going abroad involves national security and confrontation between nations.

There are a lot of more complicated things like intelligence, cyber warfare, and secret theft. These data bases are actually related to national data.

Exercises on cyber warfare and security are seen taking place during the NATO CWIX interoperability exercise on June 22, 2017, in Bydgoszcz, Poland. Photo: AFP / Jaap Arriens / NurPhoto

In March 2017, Wikileaks published what it claimed were 8,761 documents and files from the CIA’s Center for Cyber Intelligence. Wikileaks wrote:

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses and other ‘weaponized’ malware [programs].

Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its ‘own NSA’ with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

There is no way to verify the alleged CIA documents published by Wikileaks. Nor is there any way to verify a May 6, 2019, New York Times story claiming that Chinese spies “captured” hacking tools from the US National Security Agency and then used them to hack American installations.

Two things we can conclude with a certain degree of confidence are that:

  • If the president of the United States warns of a “shooting war” as a result of cyberwar, he is worried about something; and
  • If China halts new downloads of its most popular smartphone apps, it is worried about security as well.

It’s a fair presumption that both sides do their best to probe the defenses of the other.

What we do not know is what sort of damage cyberattacks might cause and how close they might bring the United States and China to the threshold of war.

During the Cold War, Russian and American planes skirted each other’s air space to test responses; warships shadowed each other; and armies drilled for all-out nuclear war.

These were necessary but highly risky exercises. When the exercises became too realistic, during the 1983 Able Archer operation by NATO, the Russians thought that the West really was preparing for a preemptive strike and very nearly launched one of their own. For this, I refer to Nate Jones’s excellent book on the subject.

Evidently, the stakes in the current cyber skirmishes between the United States and China go beyond the occasional act of industrial espionage or disruption of an email server. It’s conceivable that cyberattacks could shut down financial systems, or disrupt major utilities, or interrupt mass transit, or interdict digital communications.

This is the stuff of scenario novels rather than news reporting. One can only hope that the public expressions of worry coming from the American and Chinese governments do not portend a conflict in cyberspace that we are ill-equipped to understand, let alone control.

Studying Operation Able Archer is a good place to start.