China Well On Its Way to Becoming Global ‘Cyber Superpower’: Expert

The Chinese Communist Party (CCP) is on track to transform its regime into a global cyber superpower, according to the testimony of several experts. To counter its influence, they said, the United States would need to do more to protect critical infrastructure and promote its values.

“The Chinese Communist Party wants China to become a ‘cyber superpower’ and is well on its way to achieving that goal,” said Winnona DeSombre, a research fellow for the Atlantic Council think tank.

“China is a major peer adversary in cyberspace. Its offensive cyber capabilities rival the United States’, its operations demonstrate clear development of asymmetric capabilities that enable it to achieve strategic goals, and its cyber defensive capabilities are robust.”

To counter that development, she said, the United States would have to partner with allies to promote its values in the information domain, and ought to loosen restrictions on foreign talent recruitment, and create new laws and regulations to protect critical infrastructure from cyber threats.

As such, he said, the PLA was working to adapt information technologies across networks to create new military opportunities that it could take advantage of.

“According to PLA analyses, the sustained, ongoing development of information technologies, including artificial intelligence, big data, and cloud computing, have combined to create ‘new circumstances’ for military operations,” Cheng said.

“The result has been essentially a military-scientific revolution, requiring new operational forms and theories, and potentially further alterations of the PLA’s organization.”

This so-called “intelligence-ization” of warfare, Cheng said, would result in artificial intelligence (AI) and machine learning being applied to a greater range of military technologies, so that more data processing could occur within weapons systems.

In this regard, the PLA is pursuing a “system-of-systems” style of warfare, he said, wherein the ability to win wars will not be determined by any one weapon, but by pitting rival arrays of interconnected systems against one another.

Likewise, Kelli Vanderlee, a senior manager for Mandiant Threat Intelligence, a cybersecurity firm, said that the CCP and PLA were becoming far more potent as cyber actors, and evolving the complexity of their attacks on foreign targets.

“Following China’s military and intelligence restructuring, we believe the technical tradecraft used by Chinese cyber espionage groups since 2016 has steadily evolved to become stealthier and more agile, while taking measures to complicate attribution,” Vanderlee said.

The CCP was compromising legitimate businesses and services, she said, making it more difficult to attribute blame to them and more difficult to detect their data collection efforts.

She also said that the CCP displayed an increasing resiliency against international shaming for its wrongdoing and appeared to be less and less likely to cave in to traditional levers of international negotiation.

“Mandiant Threat Intelligence believes Chinese cyber espionage activity has demonstrated a higher tolerance for risk and is less constrained by norms or diplomatic pressures than previously characterized, mirroring bolder rhetoric and policy in other arenas,” Vanderlee said.

She added that 5G, quantum computing, AI, and machine learning were all used in the CCP’s espionage efforts, and recommended that the United States incentivize incident reporting and information sharing among private corporations and with government authorities.

Dakota Cary, a research analyst for the think tank Center for Security and Emerging Technology, warned that the CCP’s capabilities were expanding and were irrevocably intertwined with its efforts to generate talent in the private sector among educational institutions.

“China’s cyber capabilities are expanding,” Cary said. “Talent cultivation and research are critical to that expansion, and China’s universities support both.”

Cary said that the CCP had been working to standardize its cybersecurity curriculum for university degree programs since 2015, and had launched new certification programs, schools, and research centers as part of the effort.

“Over the next decade, China’s cyber capabilities are poised to blossom as universities graduate more well-educated cybersecurity degree holders and as research progresses,” Cary said.

Cary also highlighted that some universities in China played an outsized role in assisting PLA military operations.

In one important anecdote from 2015, he recalled how a Chinese professor at Southeast University held a “capture-the-flag” competition for his students, wherein they would compete by attempting to hack into an opposing system.

“Unlike normal capture-the-flag competitions where participants hack other teams for points, the professor offered students a real-world opportunity to earn points and gain prestige by attempting to access the network of a U.S. Department of Defense contractor,” Cary said.

He added that it would possible the exercise could have assisted PLA operations.

Southeast University, he said, operates Purple Mountain Lab with the PLA Strategic Support Force, and is known for its research contributions to the Chinese military.

The deepest entanglement between universities and security services, he said, however, was at schools such as Shanghai Jiaotong University, where staff support military operations and conduct research to enhance cyber capabilities.

“The university’s cybersecurity degree program is located on a PLA information engineering base in Shanghai,” Cary said.

He explained that, from 2010 to 2014, the university was engaged in cyber operations against the United States on behalf of the PLA.

With other universities, he said, it was difficult to tell whether there was a direct link to the PLA.

PLA-connected funding sources are widespread and cyber security programs exist, he said, but direct support of the military is unlikely.

Importantly, Cary said that the CCP developed much of its strategy for utilizing the private sector from the United States. Indeed, he said one of its prime competition systems used to develop new cyber capabilities was modeled directly off of a DARPA program.

When it came to how links between these universities and U.S. universities might contribute to state-sponsored espionage, therefore, Cary said that there were few clear-cut answers.

“The tools needed to conduct hacking campaigns are ubiquitous,” Cary said. “All that most operators need is a computer, an internet connection, and training. Even if these institutions were subject to export controls, it’s unlikely such policies would matter much to China’s cyber capabilities.”

As such, he said that sanctioning individual schools or tech companies in China was not a worthwhile endeavor. Put simply, if the CCP decided it wanted a technology, it would not only rely on legal means of acquiring it.

“If a university is researching a technology that the CCP has determined to be of value, Chinese hacking teams will try to collect it, regardless of whether the school collaborates with Chinese institutions,” Cary said.

Concerning institutions located within mainland China, Cary noted that they had no choice in whether they would collaborate with the PLA or not and, as such, export controls would not compel them to do otherwise. CCP laws require that firms support Chinese intelligence collection, and entities must provide their data to the CCP if it is deemed to be relevant to national security.

“China’s National Security Law allows the government to compel companies to work with the government to facilitate espionage,” Cary said.

“The Chinese government has made clear in recent months that the CCP rules, and companies obey.”