Presentation at the 1st India Forum on China, at Goa University, on 14-16 December 2017: ‘China’s Cyber Capabilities and its Impact on Regional Security’

Dr. Arvind Gupta, Director, the Vivekananda International Foundation (VIF), New Delhi

Introduction

It is now well known that China, a burgeoning power, seeks to use information warfare in the cyber realm to realise its great power ambitions. Towards this end, it has taken numerous steps in all aspects of cyberspace, including warfare in both offensive and defensive modes, international cyber diplomacy, and domestic politico-security safeguards.

China realized the potential of information and communication technologies (ICT) quite early, particularly after the 1991 Operation Desert Storm, which brought into focus the increased use of cyber technology and the salience of cyberspace in warfare. Since then, China has proactively built its own capacities to leverage cyberspace and establish itself as a cyber power. It continually assesses the various dimensions of power, including cyberspace capabilities, and deploys them to serve politico-strategic aims. The People’s Republic of China (PRC) is one of the most active nations in cyberspace and has approached cybersecurity in a systematic fashion. The 2015 Chinese White Paper identified outer space and cyberspace as the “new commanding heights in strategic competition,” and noted that China faces serious new security challenges in this sphere.

Further, President Xi Jinping’s “new model of great power relations” policy implies that the PRC will not be afraid to challenge the US and the rest of the world in areas it considers its core interest, such as cyberspace. Similarly, China’s Cybersecurity Strategy, released in December 2016 by the Cyberspace Administration of China, provides a good framework for understanding advances in the country’s position on global collaboration.

Against this backdrop, the presentation will map the developments in China’s cyber warfare capabilities, the evolution of its positions as part of its global cyber diplomacy, and its approach to regulating its own cyberspace.

China’s Cyber Capabilities

Starting from the mid-1990s, China has laid great stress on the “Informationalisation” of its defence forces. The People’s Liberation Army (PLA) began building its first cyberwarfare unit in 2006, which has a diversified presence in cities like Beijing and Shanghai. Simultaneously, it also began nurturing affiliated hackers, based on the idea that cybercriminals can be used to escape attribution. For a long time, however, China did not acknowledge its cyber-warfare capabilities, which fuelled considerable misunderstandings and misperceptions about what China would do and where it is headed in the cyber world.

The first Chinese official acknowledgement was made in its 2015 White Paper entitled “China’s Military Strategy”, which shed light on military strategy, stressed the need to shift to “active defence” and emphasized China’s commitment to “winning informationized local wars”. The White Paper also contained the first official acknowledgement of China’s commitment to building a cyber force with the capability to engage in cyber operations and building capabilities in both defence and deterrence modes. It placed tremendous emphasis on achieving self-reliance in ICTs and has devoted substantial money, manpower, and resources to developing its cyber capabilities. Chinese cyber capabilities include a mix of dedicated personnel, advanced equipment, and cyberattack methodologies.

The most recent development in this respect is the creation of a new Strategic Support Force (SSF) which comprises: (a) dedicated cyber personnel; and (b) intelligence-gathering personnel who specialise in a variety of network attacks, information technology, code-breaking, military electronic intelligence, electronic warfare, and traditional military spying. In terms of cyber-warfare tactics, China has developed a wide range of advanced cyberattack methodologies. For instance, China is known for its use of zero-day exploits. A zero-day exploit takes advantage of a vulnerability in software that the software maker itself does not know exists. Discovering zero-day exploits requires broad access to a software developer’s internal routines and procedures. It also requires a better understanding of the software than the developer has. This is often achieved by employing a technique known as an advanced persistent threat (APT). APT refers to a hacking process that involves a long-term campaign to break into a computer network, avoid detection, and harvest valuable information over days, months and even years.

The PLA seeks an early application of such strategies and tactics in the event of a cyber conflict against an adversary, in order to achieve early “information dominance.” Here, information dominance refers to: (1) taking and maintaining control of an adversary’s access to its own information; and (2) disrupting the flow of information necessary for “decision-making or combat operations.”

Finally, the recently translated Chinese cyber-power paper lists the following components of China’s cyber-power: (1) Internet and Information Technology capabilities; (2) IT industry capabilities; (3) Influence of the Internet in the country; (4) Use of cyberspace, particularly in the economic sphere; (5) Cyber military strength, i.e. the ability to defend as well as the capability for offensive action; and (6) The extent of national interest in cyber strategy.

Domestic Safeguards and Localisation of the Internet

China has also been sensitive to the potential of the free flow of information and fears that such unrestricted information flow may destabilize Chinese society. As a result, it has taken steps to safeguard its cyberspace from the rest of the internet. China’s Great Firewall is a case in point. It has developed a local internet, thereby replacing conventional foreign search engines like Google. The Great Firewall shields networks from the outside world, and the surveillance of traffic is of a very high standard. Further, China has built its own social media platforms, which are replicas of platforms like Facebook and WhatsApp.

A well-known Chinese expert (Pai, 2015) has differentiated the global vs. local approach as: (a) building a more open and orderly domestic network; and (b) driving global network governance in the next five years, “altering the current Internet order dominated by the US with a fairer and more secure global network.” These positions are mainly driven by the Chinese idea of cyber sovereignty, which it has been promoting for some time now through forums like the “Annual World Internet Conference” held at Wuzhen. China mainly uses this forum to propagate its views on cyberspace. At the 2016 Conference, President Xi reaffirmed the importance of cyber sovereignty when he said, “we should respect the right of individual countries to independently choose their own path of cyber development, model of cyber regulation and Internet public policies, and participate in international cyberspace governance on an equal footing.”

Early this year in February, China published an “International Strategy of Cooperation on Cyberspace” in which it reiterated the idea of cyber sovereignty and made it clear that it intends to play a prominent role in the international cyber discussion. The Chinese view of cyber-sovereignty envisages the right of countries to choose their own path of development, model of cyber-regulation and internet public policies. This is contrary to the Western concept of the open internet. The main intention behind these initiatives is to carve out a national cyberspace to secure the party/national interests as opposed to an alternative to the open, secure and global vision of cyberspace. China passed a cybersecurity law in November 2016 which tightened regulations and even clamped down on VPNs, despite protestations and threats from foreign companies that these were required for business purposes and that they would be forced to leave China.

For business, China’s Ministry of Industry and Information Technology announced in July 2017 that all businesses operating in China need to register with the authorities, and online businesses are required to get an Internet Content Provider license, which had very stringent provisions. In this respect, Beijing has also established an Office of the Central Leading Group for Cyberspace Affairs as an apex body.

Cyber-Diplomacy

China is highly active at the global and regional levels in cyber diplomacy. At the World Internet Conference in Wuzhen, President Xi focused on the international dimensions of China’s cyber strategy, which include four principles on reforming the existing international internet governance system: respect for cyber sovereignty, peace and security, openness and cooperation, and good order. “A community of common destiny,” President Xi’s new vision on the diplomatic front, is now part and parcel of China’s cyber strategy. Under the aforementioned four principles, China has made five action proposals concerning the digital gap, cultural diversity in cyberspace, digital economy, cyber security, and internet governance.

This “4+5” formula sheds light on the core elements of China’s international cyberspace strategy. China has taken positions which are different from those of the U.S. and the West. It is concerned that cyber technologies can be used to destabilize its society. Therefore, it feels that the Western insistence on the open internet could lead to outside interference. It takes a strong position on the multi-stakeholder model. On the one hand, it engages with the Internet Corporation for Assigned Names and Numbers (ICANN); on the other, it insists on a multilateral approach. China and Russia have similar positions in the United Nations Group of Governmental Experts (UNGGE). They want the UN to have a key role in the evolution of cyber norms and confidence building measures (CBM) in cyberspace. The two have also piloted a draft cyber convention within the Shanghai Cooperation Organization (SCO). China takes part in most cybersecurity forum discussions. It is also taking the lead in setting standards for new devices and protocols, and it leverages its market power to do so. At Wuzhen, China provides a global forum for cybersecurity discussion. President Xi Jinping has often spoken at that forum.

Cybersecurity has been a major issue under discussion in the US and China. China is active in the Asia Pacific Computer Emergency Response Team (APCERT) and has provided assistance to many South East Asian countries in developing their capacity. At the recent US-China-India Track-II Trilateral held at the VIF, the Chinese participants strongly advocated cooperation between Indian and Chinese technical agencies, including between the Computer Emergency Response Teams (CERT). China is taking steps to ensure that its capacities are built further. Other diplomatic initiatives include engagement with ASEAN and the SCO on network and information security, and bilateral dialogues with Germany, the UK, the U.S., and Canada. It has also banded together with like-minded countries in the SCO to produce an international code of conduct in cyberspace which also pushes the concept of cyber-sovereignty.

China advocates cooperation in combating criminal and terrorist activities, and the settlement of disputes through peaceful means. It also calls for a multilateral approach to internet governance, and for laws and regulations to control the flow of information. Supply chain security, in the context of technology dominance and hegemony by certain countries, is a source of major concern for China, particularly after the Snowden revelations. The state-centric and intrusive approach was softened in 2015 to make it palatable to more countries, and an updated version of the Code of Conduct was submitted to the UN in January 2015.

Conclusion

The Chinese approach to cybersecurity shows that hegemony mainly drives its use of information warfare in the cyber realm. While maintaining that militarisation of cyberspace would be destabilizing, China has proactively incorporated cyber into military doctrine and given the military a prominent role in safeguarding its sovereignty and security in cyberspace.

In the PRC, cyber-warfare is to a large extent state-sponsored and driven by the fact that direct attribution is an illusion. The PLA plans cyber warfare both defensively and offensively. Several studies have pointed out that commercial enterprises worldwide are permeable to Chinese cyber hacking in all its forms and methods. Chinese-written malware, Remote Access Trojans (RATs), botnets, etc. are undiscoverable.

Over the years, the CPC has also nurtured a number of citizen hackers, and today it might be in a position to strain these elements. These elements are mostly responsible for stealing proprietary and other information from the US and other countries. Considerable differences exist over the response to Chinese threats in cyberspace.
