China’s Cyberattacks on Critical Infrastructure: A Strategic Move?
The US Department of Defense (DoD) has recently released its 2023 Cyber Strategy report, which highlights an increase in state-sponsored cyberattacks from the People’s Republic of China (PRC) targeting critical infrastructure that could impact military response. According to the DoD, these cyberattacks are part of a contingency plan to gain a strategic advantage in the event of kinetic warfare.
A Broad and Pervasive Cyberespionage Threat
The DoD report accuses the PRC of posing a broad and pervasive cyberespionage threat. It claims that China is not only surveilling individuals beyond its borders and stealing technology secrets, but also undermining the capabilities of the military-industrial complex. The report goes on to state that these malicious cyber activities are part of China’s preparations for war, with the intention to launch destructive cyberattacks against the US homeland in the event of a conflict.
Cyber Activity as a Precursor to Military Action
This idea that cyber activity can be a precursor to military action aligns with assessments made by Microsoft and others earlier this year, particularly in relation to the Volt Typhoon attacks. This Beijing-supported advanced persistent threat (APT) has targeted telecom networks, power and water controls, US military bases, and other infrastructure that could hamper real-world military operations. While there hasn’t been any operational disruption caused by these compromises so far, experts speculate that the Chinese government is positioning itself to conduct disruptive attacks on American critical infrastructure if the US gets involved in a potential invasion of Taiwan.
The APT’s ability to gain access to areas outside its typical environment and its deliberate efforts to cover its tracks make it difficult for security teams to accurately assess the level of infiltration. Additionally, the collateral damage caused by military-focused cyberattacks can extend to bystander businesses, as exploits launched by nation-states often leak to non-nation-state threat actors. This emphasizes the significance of defending the cyberwarfare space and protecting critical infrastructure.
Protecting Critical Infrastructure: A Whole-of-Government Effort
The DoD’s report outlines a “whole-of-government” approach to enhance resilience and make it harder for adversaries to disrupt essential services. This effort aligns with the 2023 National Cybersecurity Strategy and involves leveraging all available resources, contractual mechanisms, and operational arrangements to improve cybersecurity in critical infrastructure systems. The report emphasizes the importance of public-private partnerships and proposes concrete hardening and readiness actions.
An example of preemptive action is the offering of free network security and vulnerability scanning by the Cybersecurity and Infrastructure Security Agency (CISA) to water utilities. This service helps identify potential avenues of exploitation and safeguards against cyberattacks.
Continuous Improvement of Cyber Defenses
Experts stress the ongoing need to improve cyber defenses in the face of evolving threats. The escalating volume, velocity, and persistence of cyber threats are linked to the increased computational capabilities of IoT/OT systems in critical infrastructure and the growing sophistication of nation-state threat actors. From Stuxnet to the current conflict between Ukraine and Russia, where vulnerable IoT/OT systems have been exploited for battlefield advantage, the trend of cyber warfare is expected to persist.
In light of this, disrupting adversaries’ efforts and continuously enhancing cyber defenses are crucial. The DoD’s Cyber Strategy report recognizes the need for proactive defense measures and encourages further development in this area.
Editorial: Balancing Internet Security and Global Tensions
The escalating cyber warfare between nations like China and the US presents a complex challenge for both governments and cybersecurity professionals. As countries engage in strategic moves with cyberattacks, it becomes imperative to strike a balance between protecting critical infrastructure and maintaining global stability.
On one hand, governments must invest in robust defense mechanisms and strengthen cybersecurity measures to safeguard their critical infrastructure. Public-private partnerships are essential for collective resilience, as threats against critical infrastructure affect not only national security but also economic stability and public safety.
On the other hand, it is crucial to recognize that heightened tensions and suspicions between nations may inadvertently lead to an escalation of cyber warfare. The potential collateral damage inflicted on non-nation-state actors highlights the need for responsible and proportionate cyber operations. Governments should exercise restraint and explore diplomatic avenues to address cybersecurity concerns and resolve conflicts.
Advice: Vigilance and Collaboration in Cyberspace
Given the persistent and evolving nature of cyber threats, individuals and organizations must remain vigilant and proactive in their cybersecurity practices. This includes implementing strong security measures, regularly updating systems and software, and educating employees on cybersecurity hygiene.
Moreover, fostering collaboration and information sharing among governments, private sector entities, and the cybersecurity community is essential. By working together, organizations can collectively enhance their cyber defenses and stay ahead of malicious actors.
As the digital landscape continues to evolve, it is imperative that nations prioritize cybersecurity as a key component of national defense to protect critical infrastructure and mitigate the risks associated with cyber warfare.