The Chinese Communist Party (CCP) is escalating its cyber offensive against the West, despite efforts from the United States and its allies to stop it, experts warn.
Beijing has been “quite public with their goals, yet the world keeps getting surprised by them,” Jody Westby, CEO of cyber security firm Global Cyber Risk LLC, told The Epoch Times.
Its goal, expressed in official military guidelines, is to “win an informationized war,” Westby said. Under this strategy, the CCP sees cyber and space technologies as crucial for victory in conflicts. That this is a national policy should underscore how important the field of information technology and nefarious cyber activity has become to the regime, she said.
“The cyber threat environment is more dangerous now than it’s ever been, and every person is at risk,” she said. People working in the fields of information technology (IT) and cyber security will continue to struggle to confront the “enormous threat,” according to Westby.
“Cyber espionage and cyber attacks have become a problem that every single person has to think about.”
According to cyber security professional Billy Torrence (a pseudonym), who once worked as a project development manager of cyber security operations for U.S. military and intelligence agencies, the United States has not done enough to protect itself from cyber threats.
“The Department of Homeland Security and Cybersecurity and Infrastructure Agency are absolutely inept at defending the United States from cyberspace adversaries,” he told The Epoch Times. The Cybersecurity and Infrastructure Security Agency (CISA) is an agency under the oversight of the Department of Homeland Security (DHS) charged with guarding the country against cyberattacks.
While Torrence, a retired U.S. Army cyberspace officer, recognizes there are “good people in government agencies,” his firsthand experiences also reveal there are also many who are “the wrong people” and “not the critical thinkers” needed to accomplish the mission of protecting the country from cyber warfare. Torrence, who continues to consult with military and intelligence organizations, requested to remain anonymous for the interview.
“A lot of the decision-makers and so-called cybersecurity experts are not properly educated nor have the acumen to understand all the variables needed to protect Americans—and the Chinese regime is going to continue to take full advantage of that,” Torrence said.
The Epoch Times has reached out to DHS and CISA for comment.
The expert made reference to seven elements of national power: diplomatic, information, military, economic, financial, intelligence, and law enforcement elements—collectively identified by the acronym DIMEFIL.
To compete with the United States and achieve its own national goals, he said the CCP deliberately avoids an “an escalation in the military domain.” However, the regime is using cyberspace to disrupt the other six domains to “torment their adversary—the United States,” he said.
According to Torrence, the CCP’s primary goal is to collect information and degrade the capabilities of the United States. “Leveraging power below the threshold of war is clearly Xi’s vision for the CCP,” he said, referring to Chinese leader Xi Jinping.
Ultimately, the Chinese regime wants to achieve their national objectives without conflict—especially one with the United States. Beijing is “strategic and patient with their efforts, and clearly our biggest problem globally,” Torrence said.
Westby described the Chinese regime’s malign cyber activities as “very purposeful” in its approach.
By way of example, she shared what happens to quite a number of unsuspecting companies and individuals around the world. “The Chinese government can target a company, but once they get that company’s data, they often acquire the individual’s, as well,” Westby said.
According to the expert, COVID-19 researchers, cybersecurity researchers, and hi-tech industry researchers are probable targets. “While most Americans are not used to being the subject of nation-state espionage, if they’re working at a company that has data that the Chinese government finds interesting, then they’re a target.”
Another tactic deployed by Chinese hackers was using phishing techniques on platforms such as LinkedIn, Westby said. For instance, fake job requests may be posted on LinkedIn to acquire information about targets like researchers. “People with a certain kind of expertise are linked together and structures are built out, [and] these people become part of a surveillance campaign.”
Stolen and Silenced
The CCP’s malicious cyber activities have continued to make headlines this year, and there are no signs of abatement.
Earlier this year, hackers affiliated with China’s top intelligence agency, the Ministry of State Security (MSS), breached Microsoft’s email server, affecting tens of thousands of systems globally, the United States said in July.
Also that month, the Justice Department announced the indictment of four Chinese nationals working with MSS, charging them in relation to “a worldwide hacking and economic espionage campaign led by the government of China.” The campaign involved stealing secrets from companies, universities, and government bodies from 2011 to 2018.
Westby said the Chinese regime has continued to collect a “treasure trove” of information from American citizens. “They are completing some of the most successful intelligence operations ever in history.”
Last month, in a statement before the Senate Homeland Security and Governmental Affairs Committee, FBI Director Christopher Wray said that the agency is “opening a new China counterintelligence investigation every 12 hours.”
“It is estimated that 80 percent of American adults have had all of their personal data stolen by the CCP, and the other 20 percent most of their personal data,” William Evanina, former director of the National Counterintelligence and Security Center and CEO of the Evanina Group, told (pdf) a Senate Select Committee on Intelligence hearing on Aug. 4 in his opening statement.
Theft of personal data and intellectual property is not the only objective of the CCP’s cyber operations. Surveilling and targeting overseas dissident groups is another.
An FBI Counterintelligence Bulletin recently revealed that the Chinese regime is “almost certainly employing transnational repression techniques to target U.S.-based Uyghurs and other Chinese diaspora members in the United States.” In an attempt to silence voices drawing attention to human rights abuses against Uyghur Muslims in Xinjiang, the U.S.-based Uyghur community has been repeatedly targeted and hacked by agents of the CCP, it said. Tibetans, Falun Gong members, and Taiwan and Hong Kong activists are also among those targeted in recent years.
Distracted and Dumbed Down
Cyber security professional Torrence does not see an end to how far the Chinese regime will go in its cyber efforts to weaken the West. “They are exploiting their capabilities to the maximum, and at the end of the day, they are not dialing back on any of their capabilities,” he said.
Torrence considers it fairly easy for the CCP to take advantage of Americans, whom he described as complacent and distracted. “The U.S. feels protected, thinking no one can torment the country across two oceans, but the United States is easily within reach across a vast cyberspace.”
For instance, since it is clear the CCP is “in for the long game,” Torrence said the regime is deliberately attempting to degrade the intellectual capability of the average American citizen.
“The adversary can reach into the United States and provide information on social media that appears to be from a legitimate news source—but what’s actually shared is nothing more than a means to disrupt the minds of the American people,” he said, raising an example.
With a seemingly endless supply of new videos, games, and social media apps available to Americans from China, the regime “as part of their long game, [is] trying to disrupt thinking to a degree that inhibits the development of critical thinking skills and leaves future generations with no intellectual vigor whatsoever,” Torrence said.