Pages

16 May 2023

The US Must Act Now To Overcome Chinese Cyber Threat

Zachary Wright, Amelia Snyder

The technological capabilities of the Chinese Communist Party (CCP) are a top threat to the United States as the CCP is expands its interests at the cost of US influence and power worldwide. This has been made possible by a whole-of-government approach that begins with the Chinese state and spreads overseas through cyber-espionage, attacks, and influence operations. This approach is based on opportunities made exploitable by cyber technology, exacerbated by its ubiquitous presence and enabling of plausible deniability. Differing views which civilian populations hold of cyber threats are another supporting factor for the CCP’s approach.
The extent of US cyber vulnerability

Despite the relatively recent creation of cyberspace in the history of national security, its impact has quickly become ever-present. The United States military depends on internet technology for tasks that run the gamut from maintaining satellites and directing missiles, to checking email, increasing the number of potential cyber risk vectors for the country. In the future, this could even expand to cases such as the technology aims the rifles US soldiers use, as in the case of auto-focusing rifles. Looking beyond military applications alone, both military and civilian Americans depend on cyberspace for their everyday lives, with recent research estimating over 8.4 billion internet-connected items in use around the world in 2017, and 49% of the world’s population online, up from a mere 4% in 1999.

The internet is an easy way to infiltrate the lives of billions and is integral to processes such as communications, financial management, industrial innovation, and national defense. This already ubiquitous but still growing presence gives cyber-actors an ever-increasing reach, allowing them access to both military and civilian targets. The focus of these attacks is not confined to any one size: individuals and larger entities, such as corporations and government agencies, are equally at risk. These risks are especially felt in a country where outdated laws and infrastructure have created a dearth of protection for citizens.

The Chinese administration enjoys plausible deniability

Due to the overwhelming availability of the internet, and the unregulated and outdated infrastructure in the United States, cyber actors can often obscure their true identity and location, making it extremely difficult for authorities at the state or federal level to react to these malicious actors in a timely manner. Anyone can claim to be “John Smith from Topeka, Kansas.” While non-standard language use or that user’s IP address could indicate that to be untrue, language use is highly variable even among native English speakers, and IP addresses can be faked using VPNs to support whatever geographic mask the user wishes to wear. The structure of cyber-attacks can make them hard or impossible to identify.

Even when an operation or an attack can be identified and then traced back to adversary country, like China, foreign governments can easily deny that a cyber-attack originated from someone acting on behalf of the government. Instead, the CCP may claim that the attack came from a “lone-wolf citizen-hacktivist”—meaning that the perpetrator was not authorized or condoned by the Chinese government—and that they would turn the bad actor over to the United States if they could be identified. The plausible deniability that an attack occurred and who conducted it is another reason cyber attacks are such a threat from the CCP.

US public opinion underprepared to respond to cyber attacks

It is, however, technological factors alone that render the United States especially vulnerable. The views of the populace within the US make it harder to respond seriously to cyber threats. Cyber-attacks and cyber-espionage, while causing significant economic and national security damage, are often not viewed as “real” attacks in the United States. By contrast, the Chinese population is more likely to view as a threat cyber attacks which the US public might dismiss as insignificant. Cyber attacks can persist in the background for years, not causing tangible damage for the American citizen to see or feel and without a direct correlation to loss of life, severely hampering the ability to engender support from the average American for a counter-action.

What is more, China is not the sole perpetrator of spying over cyberspace—the United States has been caught exploiting cyber vulnerabilities, just as its allies and adversaries have. A kinetic response to non-kinetic Chinese attacks would be viewed as over-the-top in the United States, undermining public support for politicians’ actions. The United States thus finds itself hamstrung, and its inability to respond to cyber-attacks in a way that deters its adversaries sends the message that these attacks are an acceptable risk. Indeed, the perception is that the United States is unable to prevent unwanted access—an open invitation to continue.

On the Chinese side, this situation is markedly different. Many Chinese nationals are willing to support their government via cyber-attacks on the United States, something often seen as their civic duty. [1] These cyber-attacks can be carried out by as paid hackers working for the government, but are often carried out as a hobby, conducted by people who think of themselves as defending their homeland. Thus, the views of the Chinese populace allow for many more and farther-reaching cyber-attacks with legitimate plausible deniability for the CCP, a potent combination of the various factors that make the prospect of cyber-attacks so dangerous for the US.

Chinese cyber operations are already causing damage

In just the past few years, China has been linked to penetrating United States companies and government entities, hacking private German technology firms, targeting Southeast Asian nations in dispute with China over the South China Sea with malicious software, and possibly intercepting sensitive communications from United States defense and technology firms. This range of public, private, US and other government targets in a brief span of time indicates the wide extent of cyber-espionage that the People’s Republic is supporting. These, it bears noting, are only the efforts that have been caught and linked back to China.
Even if the perpetrators are identified, however, cyber espionage is harder to punish than more traditional espionage techniques which may require direct contact, as the physical location of hackers can make extradition all but impossible, and, besides, the adversary government can easily claim that perpetrators operated of their own accord. Despite the United States government identifying CCP cyber-espionage, the current administration has not sanctioned China over the actions of their hackers.

The threat posed by China to the US, furthermore, does not stop with espionage. Physically destructive operations utilizing cyber technology are an increasingly feasible option for the People’s Republic. As critical US infrastructure is increasingly networked, yet still outdated, the threat from attacks on American infrastructure is increasing. The CCP is already capable of conducting cyber-attacks that temporarily disrupt critical infrastructure within the United States. Due to the age and design of the American power-grid, one of these attacks on a legitimate military target could cause cascading effects through the grid, knocking out everything from railroads to grocery stores and to hospitals. Because of the United States’ inability to counter these attacks, cyber operations in a military context could play a much larger role if China and the US find themselves on opposite sides of a war in the future. If America goes to war to defend Taiwan from China, and China targets the American power-grid as a response, the American people may quickly remove their support for a far-away war that does not directly benefit them but does cost them lives and livelihood on home soil.

Offensive operations need not be limited to outright destruction of US assets. The CCP already has deployed other mechanisms of influence that are currently ongoing and which depend in a large part on Chinese cyber prowess. Recent examples include Chinese shaping of the narrative on COVID-19, promoting CCP-preferred policy, and a contemplated, though not completed, information operation to change the outcome of the 2020 presidential election. These operations threaten the structure of American democracy, support for a national agenda, and mislead American citizens about what global outcomes support American needs.

In addition to national information operations originating from the government itself, the CCP has additional resources from what American would consider the “private sector.” In China, the 1993 Company Law mandates that all companies based in China allow specific groups in their company to operate on behalf of the CCP. In 2018 over 50% of private companies in China had members of the CCP, but for China’s largest 500 companies’ membership was over 92% and increasing. Two examples are TikTok and WeChat. These companies have data on millions of customers and potential access to millions more, which could potentially be used to manipulate those who interact with Chinese products.

What can the US do

There are two distinct strategies which the United States must pursue to reduce the cyber risk posed by the CCP. The first strategy is improving American cyber infrastructure; the second is ensuring effective punishment of malign cyber-actors who harm the United States.

To improve American cyber infrastructure, both government and private entities must secure systems, ensure data fidelity, and protect infrastructure. In 2020, the United States Government Accountability Office (GAO) recommended ten critical actions that US public and private entities need to take in order to address cyber risks. These actions range from “develop[ing] and execut[ing] a comprehensive strategy for national cybersecurity” to “strengthen[ing] the federal role in protecting the cybersecurity of critical infrastructure (e.g., electricity grid and telecommunications networks),” and would reduce the vulnerabilities in American cyberspace, denying access to nefarious actors and decreasing the damage that these bad actors can do if they are able to penetrate cyber defenses. The Biden Administration has expanded on these goals in their National Cybersecurity Strategy, released March 2023. Simply put, if United States cybersecurity is stronger, it will be harder for the CCP to exploit.

In addition to hardening American cyberspace, the United States must also begin punishing nefarious actors for attempted and successful penetrations of American cyberspace. Cases of hacking which are linked back to the CCP must result in sanctions against the Chinese government. Sanctions limiting the transfer of American intellectual property (IP) to Chinese companies would be one way to make a dent in the effects of hacking, since many instances of cyber-espionage against American companies result in stolen IP, reduced profits, and lost American jobs. By penalizing the same industries that benefit from hacking, the United States can avoid escalating the standard set for in-kind retaliation in the case that American companies are caught committing espionage against Chinese corporations.

Make Sense of the World

Unique Insights from 2,500+ Contributors in 90+ Countries

I agree to receive emails and other content from Fair Observer. I understand that I may repeal my consent at any time. You can review our Privacy Policy and Terms of Use for further information...

Cyber-espionage, while difficult to track, is not untraceable. Although CCP cyber-espionage takes advantage of ubiquitous connectivity, anonymity, and the United States’ reluctance to react, it can be detected and dealt with. Attackers are not always capable of entering and exiting networks without leaving a trail of evidence. This may ultimately lead to their arrest or, at the very least, the discovery of their identity and employment by state actors.

In summary, the Chinese Communist Party’s cyber capabilities are currently a severe threat to the United States through cyber-espionage, the risk of attacks, and influence operations. Without increasing American cyber defenses and sanctioning malign actors, the United States will remain vulnerable to CCP cyber operations. The United States government has already proposed specific steps for reducing cyber risk and strengthening the nation against a top threat. But actions must follow these statements. By following through on these recommendations, the United States can begin to defend itself against a dangerous adversary.

No comments:

Post a Comment