Commentary
State-sponsored cyberattacks against other nations are nothing new; they’ve been a reality for a couple of decades, even if we’ve discovered some malicious code recently. But as U.S. relations deteriorate with China and Russia, they take on even greater urgency and up the risks of strategic mistakes.
As Russia’s war against Ukraine has demonstrated, a rise in digital activity, including cyberattacks, may be a prelude to war. Before its invasion, Russia launched several cyberattacks that targeted Ukrainian government websites and financial institutions. Most were distributed denial-of-service (DDOS) attacks.
The DDOS attacks against Ukraine involved massive amounts of incoming requests, messages, and other activities intended to overwhelm government websites’ ability to function. Such attacks can not only disrupt a government’s ability to work in some areas, but they can also hide other, deeper cyberattacks that may well be of a subtler and far more sinister nature.
China’s Continuous Cyberthreat to the US
That puts China’s state-sponsored cyberattacks against the United States in a much more critical and dangerous light.
How do we know that China’s repeated cyberattacks against critical U.S. defense agencies, technology, financial, and other strategic sites aren’t done so with kinetic war as the follow-up?
With tensions rising, suspicion levels rise, as well they should. It’s no secret that Beijing views the United States as its top adversary.
Is it time to consider the Chinese regime’s ongoing cyberattacks against U.S. agencies, including the theft of strategically valuable and sensitive data, to be an act of war?
If not, why not?
There are several reasons.
Attribution Challenges
For one, the truth is a bit more complex. Not every cyberattack can be traced back to its perpetrator. Others use attribution deception to deflect blame. Plus, many cyberattacks come from very sophisticated hackers that are not sponsored by the Chinese Communist Party (CCP) or Vladimir Putin’s regime in Russia, Belarus, or elsewhere.
Besides, Beijing can argue that those who hack into many of the same systems do it just for the money.
That’s undoubtedly true.
It’s well known that hackers attack all kinds of sites, particularly high-value targets such as medical institutions, financial institutions, and government agencies. Once a network penetration is successful, hackers can plant a code that prevents the victims’ access to their data unless they pay a fee or ransom. As they are known, ransomware attacks are one of the most common kinds of cyberattacks worldwide.
Furthermore, a successful, non-state-sponsored hacker can capture data that can be sold to China or other U.S. adversaries. That can make attribution even more difficult to prove.
The Attribution Escalation Calculus
Attribution is not always possible, but it can also have an escalatory effect—and China knows this. Once an accusation is made, the pressure for a punitive response by the accuser grows, doesn’t it?
A counter-response is then expected from the accused. In fact, the CCP has already warned the United States to be very careful in pointing fingers without absolute certainty.
US Makes Exploitation Easy
What’s more, in some cases, the United States has made it easy for adversaries to gain access to some of the most sensitive U.S. sites. The group APT41, for example, is used by the CCP to quickly exploit software flaws and security vulnerabilities that were made public by U.S. researchers.
In other words, the United States showed the CCP how to hack some of its systems.
Even after the APT41 was detected, it has easily adapted to defense measures in order to repeatedly exploit publicly known vulnerabilities.
Who’s to blame for such stupidity? Are the Chinese at fault for taking advantage of us even as we make it so easy?
That’s one reason attribution has been less of a focus than hardening our digital assets against attack.
The Stuxnet Dilemma: From Cyberwarfare to Kinetic Warfare
Nonetheless, state-sponsored hackers often do more than steal intellectual property (for example, industrial espionage). Other times, they’re testing their ability to penetrate and monitor critical government systems from defense to financial interests and beyond.
These activities in the digital world can easily result in kinetic warfare in the physical world. The Stuxnet cyberattack caused physical damage to machinery that an airstrike would typically destroy.
The Stuxnet worm or code created by the Americans and the Israelis was the first instance of a digital weapon or cyberattack leading directly to the actual physical destruction of high-value equipment. It was used against the Iranian uranium enrichment program in 2010.
Essentially, Stuxnet was able to corrupt or take control of centrifuges used to concentrate uranium in Iran’s nuclear weapons program. That resulted in the disablement of hundreds of centrifuges, slowing down Iran’s progress in uranium enrichment.
The China Offensive Is Here
No nation has dedicated more resources to cyberwarfare than the Chinese regime—and for a good reason. Intellectual property theft is a critical component in its drive for technological, economic, and military supremacy. Ongoing cyberattacks and data theft are significant parts of the CCP’s long-term plan.
In fact, according to U.S. intelligence agencies’ annual threat report, China poses the most significant cybersecurity threat to U.S. national security and private sector networks, period.
But it’s not just the United States pointing the finger at China. In 2021, the United States, European Union, NATO, and others officially blamed China for the massive cyberattack on Microsoft Exchange email servers.
That reflects the threat reality as we know it, which is that China is ramping up its cyberattacks against the United States. The CCP’s level of exploitation of vulnerabilities in U.S. networks in 2021 was six times higher than in 2020.
Indeed not a good sign for the future of U.S.–Sino relations.
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.
Friends Read Free
Copy
Facebook
Tweet
