China has modernized and become extremely competitive on the world stage over the past half-century. As the most populous country continues to dominate many global manufacturing sectors, the Chinese Communist Party grows eager to become a legitimate superpower. Here, we look into the CCP’s aspirations and current cyber activities to see how they intend to achieve such status.

A transition of power?

Historically, up-and-coming nations attained superpower designation through winning wars. However, the proliferation of nuclear weapons and the Mutually Assured Destruction doctrine take this path off the table. So, China must engage in different tactics, such as cyber warfare. Military officials and security experts believe the globe is already at war in cyberspace[1]. As the battlefield expands, China represents the largest threat to the United States and other Western democracies. They operate more known Advanced Persistent Threat groups than the next top three (Russia, Iran, and North Korea) combined[2].

Methods for progress

Although China’s military spending ranks 2nd in the world, it still pales compared to the United States (as of 2019, $261 billion vs. over $730 billion[3]). Knowing it can’t compete on sheer military might, China employs “asymmetric” warfare tactics that include powerful cyber attacks. To support the IT infrastructure necessary for this, China has implemented strategies to spur greater tech capabilities.

Bridging the tech gap

In 2013, officials enacted the ‘Made in China’ plan. This comprehensive policy set ambitious goals to improve China’s tech manufacturing capacity and foster domestic innovation. According to the program, China wanted to produce 40% of their own mobile phone chips, 70% of the nation’s industrial robots, and 80% of their renewable energy equipment domestically by 2025[4]. A portion of the engineering and production gaps has closed due to legal initiatives such as[5]:

  • Encouraging joint ventures between Chinese and Western companies to facilitate knowledge transfer.
  • Promoting the education of Chinese students abroad at highly-advanced tech research universities.
  • Allowing and partaking in direct foreign investment projects.
  • Recruiting skilled foreign talent for domestic companies.
  • Utilizing open-source information to catalog and analyze global technology innovation.

Unfortunately, China doesn’t use legal means exclusively. Malicious activities also fuel their aggressive agenda.

Espionage and IP theft

China differs from other state actors in that the number one priority is usually espionage and Intellectual Property theft. In fact, over 80% of international cases involving economic espionage involve China[6]. It is a driving force behind the country’s rapid technological evolution.

According to the director of the National Counterintelligence and Security Center, William Evanina, IP theft costs the United States up to $600 billion a year[7]. That’s nearly 3% of the most prosperous nation’s total GDP!

This results in a two-pronged effect that simultaneously strengthens China and weakens the United States. Chinese hackers infiltrate U.S. networks, steal IP and trade secrets, form business operations in China’s domestic market using the IP, then disrupt global markets by undercutting United States companies. This brazen activity led to FBI Director Christopher Wray’s assertion that “no country poses a greater threat [to the United States] than Communist China.”[8]

For its part, Beijing continues to claim its commitment to cracking down on IP theft[9]. So far, this purported dedication is questionable at best. According to a 2019 CNBC CFO survey, over 20% of organizations had IP stolen by China within the past year[10]. Seeing as the percentage only increased to 31% in the past decade, you can make the argument that the theft frequency is increasing.

Structure

The scope of China’s cyber army is massive. The most recent report in 2016 estimated China employs over 30,000 military hackers and up to 150,000 “private” cyberspies[11]. Given the communist nature of the country’s government, the term “private” is nebulous and blends confusingly into their official government-backed activities. During Congressional testimony in 2018[12], a senior researcher at The Heritage Foundation, Dean Cheng, defined three distinct categories under which China’s cyber forces fall.

Specialized military units

There are units within the People’s Liberation Army (China’s regular armed forces) that deal in cyber warfare. These are highly trained professionals that carry out strategic missions throughout the globe. The most publicized of these groups are Unit 61398 (APT1) and Unit 61486 (APT2). In Part II of our blog series on Chinese threat actors, we’ll go into more detail about these groups and their high-profile attacks.

Specialist units with military permission

These units aren’t permanent fixtures within the Chinese military. The hackers may be local province cybersecurity experts called to duty within a military region or war zone for tactical purposes. Typically, they are put into action by officials from the state intelligence agency (Ministry of State Security) or the state police force (Ministry of Public Security).

Civilians

These are voluntary participants who can be mobilized to conduct network operations that further China’s goals. Examples include corporate espionage or ransomware deployments. Such activities can provide crucial IP information or illicit funding to military groups. Though these civilians are not affiliated with the military under normal circumstances, the CCP has an official “Military-Civil Fusion” policy[13]. This strategy blurs the lines and renders distinctions between the two classes nearly moot.

When active, these all work within the People’s Liberation Army, under the SSF (Strategic Support Force). The SSF, established in 2015, is China’s overarching military unit that oversees space, cyber, and electronic warfare strategy and implementation.

Just the beginning

Hopefully, our brief overview has provided a better understanding of China’s emphasis on cyberwarfare and its importance to their geopolitical endeavors. It is a serious matter that democratic governments need to address soon. In Part II, we’ll delve into some of the various threat groups operating in the country and detail their known hacking campaigns. You’ll see exactly what kind of damage they can inflict.

 

 

[1] Zak Doffman, “Cyber Warfare: U.S. Military Admits Immediate Danger Is ‘Keeping Us Up At Night’”, Forbes, Jul. 21, 2019, https://www.forbes.com/sites/zakdoffman/2019/07/21/cyber-warfare-u-s-military-admits-immediate-danger-is-keeping-us-up-at-night/?sh=7dc846411061

[2] Naushad K. Cherrayil, “Chinese-speaking hackers increase activity and diversify cyberattack methods”, Tech Radar, Aug. 5, 2020, https://www.techradar.com/news/chinese-speaking-hackers-increase-activity-and-diversify-cyberattack-methods

[3] “The 15 countries with the highest military spending worldwide in 2019”, Statista, Dec. 1, 2020, https://www.statista.com/statistics/262742/countries-with-the-highest-military-spending/

[4] Jost Wubbeke, Mirjam Meissner, Max J. Zenglein, Jacqueline Ives, Bjorn Conrad, “Made In China 2025: The making of a high-tech superpower and consequences for industrial countries”, Merics, Dec. 2016, https://merics.org/sites/default/files/2020-04/Made%20in%20China%202025.pdf

[5] Michael Brown, Pavneet Singh, “China’s Technology Transfer Strategy: How Chinese Investments in Emerging Technology Enable A Strategic Competitor to Access the Crown Jewels of U.S. Innovation”, Defense Innovation Unit Experimental, Jan. 2018, https://admin.govexec.com/media/diux_chinatechnologytransferstudy_jan_2018_(1).pdf

[6] David H. Laufman, Joseph M. Casino, Michael J. Kasdan, “The Department of Justice’s National Security Division Chief Addresses China’s Campaign to Steal U.S. Intellectual Property”, The National Law Review, Aug. 24, 2020, https://www.natlawreview.com/article/department-justice-s-national-security-division-chief-addresses-china-s-campaign-to

[7] “China theft of technology is biggest law enforcement threat to US, FBI says”, The Guardian, Feb. 2020, https://www.theguardian.com/world/2020/feb/06/china-technology-theft-fbi-biggest-threat

[8] “China theft of technology is biggest law enforcement threat to US, FBI says”, The Guardian, Feb. 2020, https://www.theguardian.com/world/2020/feb/06/china-technology-theft-fbi-biggest-threat

[9] Joe McDonald, “China announces trade secrets crackdown to assure investors”, AP News, Sept. 20, 2017, https://apnews.com/article/e7e6d8cf62d94542b2554c1f6c56f8f6

[10] Eric Rosenbaum, “1 in 5 corporations say China has stolen their IP within the last year: CNBC CFO survey”, CNBC, Mar. 1, 2019, https://www.cnbc.com/2019/02/28/1-in-5-companies-say-china-stole-their-ip-within-the-last-year-cnbc.html

[11] Michelle Van Cleave, “Chinese Intelligence Operations and Implications for U.S. National Security”, U.S.-China Economic and Security Review Commission, June 9, 2020, https://www.uscc.gov/sites/default/files/Michelle%20Van%20Cleave_Written%20Testimony060916.pdf

[12] Dean Cheng, “China’s S&T and Innovation Efforts”, Congressional testimony, Jan. 9, 2020, https://docs.house.gov/meetings/AS/AS26/20180109/106756/HHRG-115-AS26-Wstate-ChengD-20180109.pdf

[13] “The Chinese Communist Party’s Military-Civil Fusion Policy”, The U.S. Department of State,