China’s Cyberattacks Against US Raise the Chances for War

China’s state-sponsored cyberattacks against US government agencies and defense networks are acts of strategic aggression
By James Gorrie
James R. Gorrie is the author of “The China Crisis” (Wiley, 2013) and writes on his blog. He is based in Southern California.
March 28, 2022 (Updated: March 30, 2022)


State-sponsored cyberattacks against other nations are nothing new; they’ve been a reality for a couple of decades, even if we’ve discovered some malicious code recently. But as U.S. relations deteriorate with China and Russia, they take on even greater urgency and up the risks of strategic mistakes.

As Russia’s war against Ukraine has demonstrated, a rise in digital activity, including cyberattacks, may be a prelude to war. Before its invasion, Russia launched several cyberattacks that targeted Ukrainian government websites and financial institutions. Most were distributed denial-of-service (DDoS) attacks.

The DDoS attacks against Ukraine involved massive amounts of incoming requests, messages, and other activities intended to overwhelm government websites’ ability to function. Such attacks can not only disrupt a government’s ability to work in some areas, but they can also hide other, deeper cyberattacks that may well be of a subtler and far more sinister nature.

China’s Continuous Cyberthreat to the US

That puts China’s state-sponsored cyberattacks against the United States in a much more critical and dangerous light.

How do we know that China’s repeated cyberattacks against critical U.S. defense agencies, technology, financial, and other strategic sites aren’t being carried out with kinetic war as the follow-up?

With tensions rising, suspicion levels rise, as well they should. It’s no secret that Beijing views the United States as its top adversary.

Is it time to consider the Chinese regime’s ongoing cyberattacks against U.S. agencies, including the theft of strategically valuable and sensitive data, to be an act of war?

If not, why not?

There are several reasons.

Attribution Challenges

For one, the truth is a bit more complex. Not every cyberattack can be traced back to its perpetrator. Others use attribution deception to deflect blame. Plus, many cyberattacks come from very sophisticated hackers that are not sponsored by the Chinese Communist Party (CCP) or Vladimir Putin’s regime in Russia, Belarus, or elsewhere.

Besides, Beijing can argue that those who hack into many of the same systems do it just for the money.

A member of the hacking group Red Hacker Alliance is monitoring global cyberattacks at their office in Dongguan, China’s southern Guangdong Province, on Aug. 4, 2020. (Nicolas Asfouri/AFP via Getty Images)

That’s undoubtedly true.

It’s well known that hackers attack all kinds of sites, particularly high-value targets such as medical institutions, financial institutions, and government agencies. Once a network penetration is successful, hackers can plant code that blocks the victims’ access to their data unless they pay a fee or ransom. Ransomware attacks, as they are known, are one of the most common kinds of cyberattacks worldwide.

Furthermore, a successful, non-state-sponsored hacker can capture data that can be sold to China or other U.S. adversaries. That can make attribution even more difficult to prove.

The Attribution Escalation Calculus

Attribution is not always possible, but it can also have an escalatory effect—and China knows this. Once an accusation is made, the pressure for a punitive response by the accuser grows, doesn’t it?

A counter-response is then expected from the accused. In fact, the CCP has already warned the United States to be very careful in pointing fingers without absolute certainty.

US Makes Exploitation Easy

What’s more, in some cases, the United States has made it easy for adversaries to gain access to some of the most sensitive U.S. sites. The group APT41, for example, is used by the CCP to quickly exploit software flaws and security vulnerabilities that were made public by U.S. researchers.

In other words, the United States showed the CCP how to hack some of its systems.

Even after APT41 was detected, it easily adapted to defense measures in order to repeatedly exploit publicly known vulnerabilities.

Who’s to blame for such stupidity? Are the Chinese at fault for taking advantage of us even as we make it so easy?

That’s one reason attribution has been less of a focus than hardening our digital assets against attack.

The Stuxnet Dilemma: From Cyberwarfare to Kinetic Warfare

Nonetheless, state-sponsored hackers often do more than steal intellectual property (for example, industrial espionage). Other times, they’re testing their ability to penetrate and monitor critical government systems from defense to financial interests and beyond.

These activities in the digital world can easily result in kinetic warfare in the physical world. The Stuxnet cyberattack caused physical damage to machinery that an airstrike would typically destroy.

The Stuxnet worm or code created by the Americans and the Israelis was the first instance of a digital weapon or cyberattack leading directly to the actual physical destruction of high-value equipment. It was used against the Iranian uranium enrichment program in 2010.

A handout image supplied by the IIPA (Iran International Photo Agency) shows Iran’s Bushehr nuclear power plant on Aug. 21, 2010. The facility took 35 years to build and was the target of a cyberattack using the Stuxnet computer worm. (IIPA via Getty Images)

Essentially, Stuxnet was able to corrupt or take control of centrifuges used to concentrate uranium in Iran’s nuclear weapons program. That resulted in the disablement of hundreds of centrifuges, slowing down Iran’s progress in uranium enrichment.

The China Offensive Is Here

No nation has dedicated more resources to cyberwarfare than the Chinese regime—and for a good reason. Intellectual property theft is a critical component in its drive for technological, economic, and military supremacy. Ongoing cyberattacks and data theft are significant parts of the CCP’s long-term plan.

In fact, according to U.S. intelligence agencies’ annual threat report, China poses the most significant cybersecurity threat to U.S. national security and private sector networks, period.

But it’s not just the United States pointing the finger at China. In 2021, the United States, European Union, NATO, and others officially blamed China for the massive cyberattack on Microsoft Exchange email servers.

That reflects the threat reality as we know it, which is that China is ramping up its cyberattacks against the United States. The CCP’s level of exploitation of vulnerabilities in U.S. networks in 2021 was six times higher than in 2020.

Indeed, that is not a good sign for the future of U.S.–Sino relations.

Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.
