Tag Archives: cyber

The Strategic Support Force: China’s Information Warfare Service

This piece was originally published by the Jamestown Foundation. It is republished here with permission. Read it in its original form here.

By John Costello

Gao Jin (高津) is the PLASSF’s Commander. Note that he was promoted to major general in June 2006 and to lieutenant general occurred in July 2013. (Xinhua)

On December 31, 2015, Xi Jinping introduced the People’s Liberation Army Rocket Force (PLARF; 火箭军), Strategic Support Force (PLASSF; 战略支援部队), and Army Leadership Organ. The move came just within the Central Military Commission’s deadline to complete the bulk of reforms by the end of the year. Most media coverage has focused on the Rocket Force, whose reorganization amounts to a promotion of the PLA Second Artillery Force (PLASAF) to the status of a service on the same level of the PLA Army, Navy, and Air Force. However, by far the most interesting and unexpected development was the creation of the SSF.

According to official sources, the Strategic Support Force will form the core of China’s information warfare force, which is central to China’s “active defense” strategic concept. This is an evolution, not a departure from, China’s evolving military strategy. It is a culmination of years of technological advancement and institutional change. In the context of ongoing reforms, the creation of the SSF may be one of the most important changes yet. Consolidating and restructuring China’s information forces is a key measure to enable a number of other state goals of reform, including reducing the power of the army, implementing joint operations, and increasing emphasis on high-tech forces.

The Strategic Support Force in Chinese Media

Top Chinese leadership, including President Xi Jinping and Ministry of Defense spokesman Yang Yujun have not provided significant details about the operational characteristics of the SSF. Xi has described the SSF as a “new-type combat force to maintain national security and an important growth point of the PLA’s combat capabilities” (MOD, January 1).

On January 14, the SSF’s newly-appointed commander, Gao Jin (高津) said that the SSF will raise an information umbrella(信息伞) for the military and will act as an important factor in integrating military services and systems, noting that it will provide the entire military with accurate, effective, and reliable information support and strategic support assurance (准确高效可靠的信息支撑和战略支援保障) (CSSN, January 14). [1]

Senior Chinese military experts have been quick to comment on the SSF, and their interviews form some of the best and most authoritative insights into the role the new force will play in the Chinese military. For instance, on January 16th, the Global Times quoted Song Zhongping (宋忠平), a former PLASAF officer and a professor at the PLARF’s Equipment Research Academy, who described SSF as as a “fifth service” and, contrary to official reports, states it is not a “military branch” (兵种) but rather should be seen as an independent military service (军种) in its own right. [2] He continues by stating that it will be composed of three separate forces or force-types: space troops (天军), cyber troops (网军), and electronic warfare forces (电子战部队). The cyber force would be composed of “hackers focusing on attack and defense,” the space forces would “focus on reconnaissance and navigation satellites,” and the electronic warfare force would focus on “jamming and disrupting enemy radar and communications.” According to Song, this would allow the PLA to “meet the challenges of not only traditional warfare but also of new warfare centered on new technology” (Global Times, January 16).

By far the most authoritative description of the Strategic Support Force comes from People’s Liberation Army Navy (PLAN) Rear Admiral Yin Zhuo (尹卓). As a member of both the PLAN Expert Advisory Committee for Cybersecurity and Informatization (海军网络安全和信息化专家委员会) and the All-Military Cybersecurity and Informatization Expert Advisory Committee (全军网络安全和信息化专家委员会, MCIEAC) formed in May 2015, Yin is in the exact sort of position to have first-hand knowledge of the SSF, if not a direct role in its creation.

In an interview published by official media on January 5th, 2016, Yin stated that its main mission will be to enable battlefield operations by ensuring the military can “maintain local advantages in the aerospace, space, cyber, and electromagnetic battlefields.” Specifically, the SSF’s missions will include target tracking and reconnaissance, daily operation of satellite navigation, operating Beidou satellites, managing space-based reconnaissance assets, and attack and defense in the cyber and electromagnetic spaces” and will be “deciding factors in [the PLA’s] ability to attain victory in future wars” (China Military News, January 5).

Yin also foresees the SSF playing a greater role in protecting and defending civilian infrastructure than the PLA has in the past:

“[The SSF] will play an important role in China’s socialist construction. Additionally, China is facing a lot of hackers on the internet which are engaging in illegal activities, for example, conducting cyber attacks against government facilities, military facilities, and major civilian facilities. This requires that we protect them with appropriate defense. The SSF will play an important role in protecting the country’s financial security and the security of people’s daily lives” (China Military News, January 5).

Yang Yujun, MND spokesman, also suggested that civilian-military integration will form a portion of the SSF’s mission, but stopped short of clarifying whether this meant the force will have a heavy civilian component or will be involved in defending civilian infrastructure, or both (CNTV, January 2).

Yin noted that the SSF will embody the PLA’s vision of real joint operations. In Yin’s view, military operations cannot be divorced from “electronic space,” a conceptual fusion of the electromagnetic and cyber domains. The SSF will integrate “reconnaissance, early warning, communications, command, control, navigation, digitalized ocean, digitalized land, etc. and will provide strong support for joint operations for each military service branch.” Indeed, this view was also echoed by Shao Yongling (邵永灵), a PLARF Senior Colonel who is currently a professor at the PLA’s Command College in Wuhan. She suggested that the SSF was created to centralize each branch of the PLA’s combat support units, where previously each service had their own, resulting in “overlapping functions and repeat investment.” Consolidating these responsibilities in a central force would allow the military to “reduce redundancies, better integrate, and improve joint operational capabilities” (China Military News, January 5).

Taken together, these sources suggest that at its most basic, the SSF will comprise forces in the space, cyber, and electromagnetic domains. Specifically, sources indicate the SSF will most likely be responsible for all aspects of information in warfare, including intelligence, technical reconnaissance, cyber attack/defense, electronic warfare, and aspects of information technology and management.

Force Composition

Rear Admiral Yin’s comments in particular suggest that at a minimum the SSF will draw from forces previously under the General Staff Department’s (GSD) subordinate organs, to include portions of the First Department (1PLA, operations department), Second Department (2PLA, intelligence department), Third Department (3PLA, technical reconnaissance department), Fourth Department (4PLA, electronic countermeasure and radar department), and Informatization Department (communications).

The “Joint Staff Headquarters Department” (JSD) under the Central Military Commission will likely incorporate the 1PLA’s command and control, recruitment, planning, and administrative bureaus. Information support organs like the meteorology and hydrology bureau, survey and mapping bureau, and targeting bureau would move to the SSF.

The GSD’s intelligence department, the 2PLA will likely move to the SSF, although there is some question as to whether it will maintain all aspects of its clandestine intelligence mission, or this will be moved to a separate unit. The Aerospace Reconnaissance Bureau (ARB), responsible for the GSD’s overhead intelligence, surveillance, and reconnaissance mission will most likely form the center of the SSF’s space corps. The 2PLA’s second bureau, responsible for tactical reconnaissance, will also move to the SSF. This will include one of its primary missions: operating China’s long-range unmanned aerial vehicles (UAV).[3]

The SSF will unify China’s cyber mission by reducing the institutional barriers separating computer network attack, espionage, and defense, which have been “stove-piped” and developed as three separate disciplines within the PLA. The 3PLA’s technical reconnaissance and cyber espionage units will likely move, including the national network of infamous technical reconnaissance bureau’s (TRB), the most famous of which is Unit 61398. The 4PLA’s electronic countermeasures mission will likely form the core of a future electronic warfare force under the SSF, and the its secondary mission of computer network attack (CNA) will also likely also move under the SSF.

Finally, the entirety of the Informatization Department will likely move to the SSF. This will unify its mission, which has expanding over the years to include near all aspects of the support side of informatization, including communications, information management, network administration, computer network defense (CND), and satellite downlink.

Drawing the bulk of the SSF from former GSD organs and subordinate units is not only remarkably practical, but it is also mutually reinforcing with other reforms. Firstly, it reduces the power and influence of the Army by removing its most strategic capabilities. Previously the PLA Army was split into two echelons, its GSD-level headquarters departments (部门) and units (部队) and Military Region-level (MR; 军区) operational units. GSD units did not serve in combat or traditional operational roles, yet constituted some of China’s most advanced “new-type” capabilities: information management, space forces, cyber espionage, cyber-attack, advanced electronic warfare, and intelligence, reconnaissance, and surveillance. The creation of the Army Leadership Organ effectively split the Army along these lines, with lower-echelon forces forming the PLA Ground Forces and the higher-echelon units forming the Strategic Support Force.

Secondly, separating these capabilities into a separate SSF allows the PLA Army to concentrate on land defense and combat. Nearly all personnel staffing the supposedly joint-force GSD units were Army personnel and by-and-large these units were considered Army units, despite serving as the de facto joint strategic support units for the entire PLA military. Giving the SSF its own administrative organs and personnel allows the PLA Army to concentrate solely on the business of ground combat, land defense, and fulfilling its intended roles in the context of China’s national defense strategy.

Finally and most importantly, separating the second, third, fourth, and “fifth” departments—as the Informatization Department is sometimes called—into their own service branch allows them to be leveraged to a greater degree for Navy Air Force, and Rocket Force missions. More than anything, it allows them to focus on force-building and integrating these capabilities across each service-branch, thereby enabling a long-sought “joint-force” capable of winning wars.

In many ways, taking GSD-level departments, bureaus, and units and centralizing them into the Strategic Support Force is making official what has long been a reality. GSD-level components have nearly always operated independently from regional Group Army units. Separating them into a separate service is less of an institutional change and more of an administrative paper-shuffle.

Integrated Information Warfare

The Strategic Support Force will form the core of China’s information warfare force, which is central to China’s strategy of pre-emptive attack and asymmetric warfare. China’s new military reforms seek to synthesize military preparations into a “combined wartime and peacetime military footing.” These “strategic presets” seek to put China’s military into an advantageous position at the outset of war in order to launch a preemptive attack or quickly respond to aggression. [4] This allows China to offset its disadvantages in technology and equipment through preparation and planning, particularly against a high-tech opponent—generally a by-word for the United States in PLA strategic literature.

These presets require careful selection of targets so that a first salvo of hard-kill and soft-kill measures can completely cripple an enemy’s operational “system of systems,” or his ability to use information technology to conduct operations. Achieving this information dominance is necessary to achieve air and sea dominance, or the “three dominances.” [5] A PLA Textbook, The Science of Military Strategy, (SMS) specifically cites space, cyber, and electronic warfare means working together as strategic weapons to achieve these ends, to “paralyze enemy operational system of systems” and “sabotage enemy’s war command system of systems.” [6] This includes launching space and cyber-attacks against political, economic, and civilian targets as a deterrent. The Strategic Support Force will undoubtedly play a central role as the information warfare component of China’s warfare strategy, and will be the “tip of the spear” in its war-plans and strategic disposition.

Remaining Questions

Despite what can be culled and answered from official sources and expert commentary, significant questions remain regarding the structure of Strategic Support Force and the roles it will play. For one, it is unclear how the Strategic Support Force will incorporate civilian elements into its ranks. Mentioned in 2015’s DWP and the more recent reform guidelines, civilian-military integration is a priority, but Chinese official sources have stopped short in describing how these forces will be incorporated into military in the new order (MOD, May 26, 2015). Previously, the General Staff Department research institutes, known as the “GSD RI’s,” acted as epicenters of civilian technical talent for strategic military capabilities. If the Strategic Support Force is primarily composed of former GSD units, then these research institutes will be ready-made fusion-points for civilian-military integration, and may take on a greater role in both operations and acquisition. Even so, the civilian piece is likely to prove vital, as they will undoubtedly serve as the backbone of China’s cyber capability.

Secondly, it is unknown specifically what forces will compose the Strategic Support Force, or the full extent of its mission. When official sources say “new-type” forces, they could mean a wide range of different things, and the term can include special warfare, intelligence operations, cyber warfare, or space. At a minimum, a consensus has emerged that the force will incorporate space, cyber, and electronic warfare, but the full extent of what this means is unclear. It is also unknown, for instance, if the space mission will include space launch facilities, or whether those will remain under the CMC Equipment Development Department, a rechristened General Armament Department. Where psychological operations will fall in the new order is also up for debate. Some sources have said that it will be incorporated into the SSF while others have left it out entirely.

Finally, although it is clear that the SSF will act as a service, it remains unclear if the CMC will also treat it as an operational entity, or how the CMC will operationalize forces that are under its administrative purview. It is unlikely that the military theaters will have operational authority over strategic-level cyber units, electronic warfare units, or space assets. These capabilities will likely be commanded directly by the CMC. This logic flies in the face of the new system, which requires that services focus on force construction rather than operations and warfare. The solution may be that the SSF, as well as the PLARF, act as both services and “functional” commands for their respective missions.

Conclusion

Ultimately, the strategic support force needs to be understood in the broader context of the reforms responsible for its creation. On one hand, the reforms are practical, intending to usher China’s military forces into the modern era and transform them into a force capable of waging and winning “informatized local wars.” On the other hand, the reforms are politically motivated, intending to reassert party leadership to transform the PLA into a more reliable, effective political instrument.

The Strategic Support Force, if administered correctly, will help solve many of the PLA’s problems that have prevented it from effectively implementing joint operations and information warfare. The creation of an entire military service dedicated to information warfare reaffirms China’s focus on the importance of information in its strategic concepts, but it also reveals the Central Military Commission’s desire to assert more control over these forces as political instruments. With the CMC solidly at the helm, information warfare will likely be leveraged more strategically and will be seen in all aspects of PLA operations both in peace and in war. China is committing itself completely to information warfare, foreign nations should take note and act accordingly.

John Costello is Congressional Innovation Fellow for New American Foundation and a former Research Analyst at Defense Group Inc. He was a member of the U.S. Navy and a DOD Analyst. He specializes in information warfare, electronic warfare and non-kinetic counter-space issues.

Notes

1. A Chinese-media report on Gao Jin’s military service assignments can be found at <http://news.sina.com.cn/c/sz/2016-01-01/doc-ifxneept3519173.shtml>. Gao Jin’s role as commander of the SSF is noteworthy in two respects: One, he is a career Second Artillery officer, so his new role muddies the waters a bit in understanding whether the SSF will be a force composed of Army personnel but treated administratively separate from the Army—not unlike the former PLASAF-PLA Army relationship—or will be composed of personnel from various services and treated administratively separate from all forces. Secondly and more important to this discussion, before his new post as SSF commander, Gao Jin was head of the highly-influential Academy of Military Sciences (AMS) which besides being the PLA’s de facto think-tank (along with the National Defense University), is responsible for putting out the Science of Strategy, a wide-reaching consensus document that both captures and guides PLA strategic thinking at the national level. The most recent edition published in 2013 was released under his tenure as commandant of AMS and many of the ideas from that edition have found their way into the 2015 defense white paper, December’s guide on military reforms, and many of the changes made to China’s national defense establishment. His new role could be seen as CMC-endorsement of SMS’s views on China’s strategic thought.

2. Song’s description of the SSF contradicts official-media descriptions of the service, which had suggested that the service will occupy a similar echelon to that of the PLASAF before it was promoted to full military service status equal to the other branches.

3. Ian M. Easton and L.C. Russell Hsiao, “The Chinese People’s Liberation Army’s Unmanned Aerial Vehicle Project: Organizational Capacities and Operational Capabilities,” 2049 Institute, March 11, 2013. p. 14.

4. The Science of Military Strategy [战略学], 3rd ed., Beijing: Military Science Press, 2013. p. 320.

5. Ibid. p. 165.

6. Ibid. p. 164.

Featured Image: Soldiers of the Chinese People’s Liberation Army 1st Amphibious Mechanized Infantry Division prepare to provide Chairman of the Joint Chiefs of Staff Adm. Mike Mullen with a demonstration of their capablities during a visit to the unit in China on July 12, 2011. (DoD photo by Mass Communication Specialist 1st Class Chad J. McNeeley/Released)

Members’ Roundup: July 2016 Part One

By Sam Cohen

Welcome to Part One of the July 2016 members’ roundup. Through the first half of July, CIMSEC members examined several international maritime security issues, including the Permanent Court of Arbitration ruling in the South China Sea, Russia’s continued air campaign against ISIS, the U.S. Navy’s procurement objectives for the Virginia-class submarine successor, and the United States’ position on the United Nations Convention on the Law of the Sea (UNCLOS). Here is a roundup of their writings. 

Mira Rapp-Hooper and Patrick Cronin, at War on the Rocks, provide an analysis on the long-anticipated Permanent Court of Arbitration ruling in the Philippines vs. China case over the South China Sea. Using a ‘Choose Your Own Adventure’ format, the authors breaks down the different geopolitical and legal implications of the ruling, including potential Chinese responses, political fallout for China–Philippines relations, and the future of maritime and sovereignty claims in the South China Sea. The authors explain that for China to comply with the Court’s ruling it must not claim any water or airspace from the reefs it occupies or make a 12 nautical mile assertion from any claimed land features. With the ruling being highly unfavorable to China’s maritime objectives, the authors highlight that if Beijing begins to prioritize territorial claims while easing off claims to water and air, it would likely reflect a China looking to move beyond its defeat while saving face.

Armando J. Heredia at U.S. Naval Institute News, examines the tribunal’s decision from the perspective of Manila and how the recent election of Rodrigo Duterte as President of the Philippines will impact regional relations. He explains how the previous administration chose to accelerate the modernization process of the country’s military in response to increased hostility from China while opening the way for American forces to return to the Philippines through the Enhanced Defense Cooperation Agreement (EDCA). He notes that even under the modernization program the Philippines remain weak in terms of kinetic responses to a Chinese incursion. He also notes that any engagement by the Philippines would have to leverage the country’s poorly equipped Coast Guard, which lacks sufficient hulls to establish presence operations near disputed maritime regions and land features.

Jake Bebber, at the U.S. Naval Institute Blog, discusses the centrality of cyberspace operations in the People’s Liberation Army’s (PLA) strategy for long-term competition with the United States. He discusses aspects of informationized warfare and how the PLA is seeking to position its sources of information power to enable it to win a short, overwhelming victory for Chinese forces in a notional conflict. He notes that in response to China investing large amounts of time, energy, people and resources towards achieving the country’s cyberspace and information warfare objectives, the DoD must ensure that U.S. Cyber Strategy supports the force planning, training, and equipping of cyber forces while integrating advanced technology into information planning and acquisition.

Kyle Mizokami, at Popular Mechanics, provides an overview of Moscow’s decision to deploy the country’s only aircraft carrier to the Mediterranean to carry out airstrikes against the Islamic State until next year. Discussing some of the ship’s features, he explains that the ship’s propulsion system is unreliable and is so prone to breaking down that an oceangoing tugboat always accompanies it on long distance voyages. He also discusses the capabilities the carrier will deploy, including Su-33 air superiority fighters, Su-25UTG ground attack aircraft, and MiG-29KUB two-seater multi-role fighters.

Dave Majumdar, at The National Interest, discusses the U.S. Navy’s procurement objectives for the next-generation SSN(X) successor to the Virginia-class attack submarines. His article argues that one priority, permitting the Navy will have the technological know-how to do so, is to effectively turn the future attack submarine into an underwater platform for unmanned underwater vehicles (UUV). Another objective would be to eliminate noise-generating moving parts such as a propulsor or driveshaft in the propulsion system to decrease the possibility of detection in an increasingly competitive undersea environment.

Members at CIMSEC were also active elsewhere during the first part of July:

At CIMSEC we encourage members to continue writing, either here on CIMSEC or through other means. You can assist us by emailing your works to dmp@cimsec.org.

Sam Cohen is currently studying Honors Specialization Political Science at Western University in Canada. His interests are in the fields of strategic studies, international law and defense policy.

Featured Image: A view from the deck of the Russian carrier  Admiral Kuznetsov (Wikimedia commons)

A Cyber-Information Operations Offset Strategy for Countering the Surge of Chinese Power Pt. 2

The following is a two-part series on how the U.S. might better utilize cyberspace and information operations as a Third Offset. Part I evaluated current offset proposals and explores the strategic context. Part II provides specific cyber/IO operations and lines of effort. Read Part One here.

By Jake Bebber

Targeting China’s ability to control information is an efficient means to offset Chinese power. To be effective, the United States should adopt a “whole of government” approach, leveraging cyberspace and other information related capabilities that can hold China’s domestic internet filtering, censorship, and information dissemination capabilities at risk. This campaign should operate across the entire spectrum of conflict and engagement, from public diplomacy and strategic communication, to battlespace preparation, limited conflict, and if de-escalation is unsuccessful, full-spectrum military operations. It will likely require coordination and administration at the highest civilian leadership level. This will be a long-term campaign aiming to counter China during the critical window in the next ten to twenty years when Chinese economic and military power will surge, and then subside as demographic factors limit its growth causing China to enter into a period of decline and inherently shifts its focus inward to to maintain stability.

The United States will have to address three broad issues: access, authorities, and capabilities. Internet access into China is restricted from the outside, and it is reasonable to assume that during a period of rising tensions or even conflict, traditional means of accessing China’s “red space” (civilian, military, and government networks) will not be available. The U.S. will need alternative avenues into Chinese networks, which may take the form of radio frequency injection into wireless networks (Bluetooth, WiFi and WiMAX)[i] to other methods targeting the physical and logical network layers and cyber-persona layers[ii] of cyberspace for preplacement of access.

Figure 1. The Three Layers of Cyberspace[iii]
The Three Layers of Cyberspace [iii].

The authority of the U.S. government to operate in cyberspace crosses boundaries and jurisdictions, and largely depends on the function of the agency or entity. Traditional military activities conducted by the Department of Defense are covered under Title 10 of U.S. Code, with the principal being the Secretary of Defense. Other titles supporting cyberspace operations include foreign intelligence collection (Title 50), domestic security (Title 6), law enforcement (Title 18) and government information technology security and acquisition (Title 40).[iv] These authorities will have to be aligned and deconflicted.

The capabilities required run the spectrum. They can include fully attributable on-net operations, such as a Foreign Service Officer participating in an online forum or social network to communicate U.S. policy, to the development of tools and malware that can degrade and disrupt command and control networks. Other possibilities include the distribution of encrypted personal communication devices and unattributable social media and organizing applications that permit dissident groups within China to maintain situational awareness.

There have been attempts to respond to China’s growing Internet censorship capabilities by those in the telecommunications industry and by the U.S. government. The Global Network Initiative was started in 2008 by industry, civic organizations, and universities to “promote best practices related to the conduct of U.S. companies in countries with poor Internet freedom records.” In 2011, the President issued the “International Strategy for Cyberspace.” Its goals include “enabling continued innovation for increasing economic activity, increasing individuals’ ability to communicate with one another, safeguarding freedom of expression, association, and other freedoms, and enhancing both individual privacy and national and international security.” The U.S. Department of State includes Internet freedom as a part of its global human rights agenda. In 2006, State formed the Global Internet Freedom Taskforce which later became the NetFreedom Taskforce, to coordinate State Department efforts monitoring Internet freedom. Both the State Department and U.S Agency for International Development have received funding for the development of Internet censorship circumvention technologies, training of non-government organizations and activists, media assistance, and leading international policy formulation on Internet freedom.[v]

The Broadcasting Board of Governors, which oversees the Voice of America (VOA) and Radio Free Asia (RFA) programs, also supports counter-censorship and circumvention software development and distribution. The VOA sends daily emails to “8 million Chinese citizens … with international and domestic news stories as well as information about how to use proxy servers.” The RFA has implemented the Freedom2Connect program to “research, develop, and deliver online tools for Internet users in China to securely browse online and send secure e-mail.”[vi]

While important, the current response by industry and government lacks both the senior policy coordination required of a grand strategy or adequate funding to keep up with China’s growing Internet monitoring and censorship capabilities. They do not fully leverage other assets and tools at America’s disposal. The U.S. can and should be doing much more to attack China’s critical vulnerabilities in information control.

Lines of Effort

Public Diplomacy – At the interagency level, the United States should continue pursuing bilateral, multilateral, and international agreements such as those mentioned above which promote freedom of information, expression and freedom from government oversight and censorship. The U.S. should also continue to strengthen international regimes against cybercrime and intellectual property theft. Internet norms and rules should be standardized across political boundaries where practical. This diplomatic effort ties into longstanding American policy of supporting freedom of speech and protection of universal human rights.

Economic Policy and Trade – Here again, longstanding American policy supporting property rights and free trade legitimize the continued advocacy of international agreements and accords promoting freedom in cyberspace. At the same time, the U.S. must tighten technology export controls to nations like China that continue to restrict access. In the event of industrial espionage or even cyber-attack, the U.S. can impose real economic costs and sanctions. The U.S. can also move on the Global Online Freedom Act, which would, among other things, prohibit U.S. companies from cooperating with foreign governments that engage in censorship or human rights abuses, require the U.S. Trade Representative to report on trade-related issues that arise out of a foreign government’s censorship policies, and impose export controls on telecommunications equipment that can be used to carry out censorship or surveillance.[vii] Some of these provisions can be waived when it suits American interests. In other areas, the U.S. can also promote public cybersecurity regimes, such as international risk insurance tools and accreditation that encourage network protection and hardening in the private sector.

Strategic Communication – In modern war, the actions of a single Soldier, Sailor, Airman or Marine can have a far-reaching impact on national strategy. While this is often used to highlight the potential implications of an untoward or controversial event, the reverse also holds true. The actions of every member of the U.S. government, from Foreign Service officer, embassy staff and humanitarian assistance officer to those of the military can have an equally positive impact if the appropriate messages are coordinated and timed to unfolding events. The United States should expand strategic communication tools such as Radio Free Asia and Voice of America. Using new capabilities in cyberspace and in personal communications, a comprehensive program of unbiased news delivery and strategic messaging to the Chinese public on a much larger scale can, over time, provide alternatives to Chinese government propaganda. Not to be forgotten, approximately two million Chinese visit the United States each year as tourists[viii], and around a quarter of a million Chinese students attend college in the U.S.[ix] Each visitor and student represents an opportunity for engagement.

Cyberspace Operations – Being able to deliver effects in and through cyberspace to China is a question of both access and capabilities. China has one of the most robust and sophisticated information control systems in the world, with multiple internal security and military organizations and tens of thousands of Chinese working daily to censor communications and filter access within China and between China and the world. Network penetrations and preplacement access generation needs to occur now, during peacetime, and continue throughout in order to assure capabilities can be delivered when needed. The fact is that when tensions escalate and China erects more firewalls, penetration becomes that much more difficult, if not impossible. This leaves military commanders and policy-makers little choice but to revert to traditional kinetic tools to dissuade Chinese aggression – exactly the scenario they hope to avoid – and plays to China’s strengths. Developing multiple access vectors now with the capability to hold at-risk, at a time and place of our choosing, information control systems in the long run represent an efficient means of directly attacking China’s most critical vulnerability and holding the Communist Party’s political control at risk. This represents an asymmetric counter to China’s growing A2/AD capabilities, and is a far more efficient and economical alternative.

bebber1
A snapshot image of cyber attacks. Source: Norse Corp.

Cyberspace operations reside on a continuum, sometimes offensive, sometimes defensive and sometimes both simultaneously. At the same time the U.S. is developing access vectors and tools to exploit China’s information control systems, it must also harden its own military, government, and civilian critical infrastructure networks. Research suggests that improving cyber defenses limit incentives to infiltrate networks for espionage, intellectual property theft, or cyber-attack. A resilience model should be adopted. Instead of building “cyber walls” using a traditional warfare model, cyber defense should model biological systems that can adapt and recover. Systems can be designed to turn the table on intrusions, misdirecting them down false alleys or “sinkholing” them in so-called “honeypots” for study. This can even be effective in passing back false information or simply causing the attacker to waste time and resources chasing phantoms.[x] On the offensive side of the continuum, experts like retired Army Lieutenant Colonel Timothy Thomas see the development and fielding of 13 offensive cyber warfare teams as significant. According to him, the Chinese “now know we are ready to go on the offense. There’s something that’s been put in place that I think is going to change their view.”[xi]

Clandestine Action – Due to the difficulties in acquiring and maintaining access in closed networks, the United States will have to undertake clandestine efforts, both in cyberspace and through traditional means. Policy makers should be careful, however, not to be lulled by the lure of technologically-based cyberspace operations as the preferable alternative to traditional human intelligence operations. While the U.S. is right to continue to pursue advances in unmanned vehicles, radio-frequency and electro-magnetic operations, and space-based computer and communication operations, obtaining and maintaining access  in many cases will require mixed-mode penetration: human and cyber action. Cultivating human sources to gain insight into leadership intentions, network configurations, and potential areas of exploitation remain a critical part of a broad information operations campaign. As China continues to pursue clandestine operations against the U.S., both to gather traditional intelligence and to enable their own cyberspace operations, our own counter-intelligence and cyberspace defense capabilities will become that much more important.

These lines of effort will have to be synchronized in a mutually supporting effort. Public diplomacy and strategic communication can be enabled in and through cyberspace. Clandestine action may be required to obtain and maintain access to critical networks. Economic incentives, technology export controls and sanctions will play critical roles at times to advance America’s interests to degrade or disrupt China’s information control systems.

It will be necessary to develop options which degrade China’s information control capabilities incrementally while preserving significant reserves. Historically, this has been especially tricky. Past experience, such as the Vietnam War, suggests that the incremental application of force with too fine of control tends to condition the adversary rather than compel the adversary. The U.S. will need to be able to send “warning shots” that indicate to the CCP that we possess capabilities that will cause them to lose control entirely and threaten their hold on power, allowing the U.S. to prevail. Of course, given that many cyberspace and IO capabilities are perishable once used, the U.S. will need to maintain a host of capabilities able to be delivered across multiple vectors and times and places of our choosing.

One must be mindful that while China’s information controls systems are a critical vulnerability, they are not a gateway to the overthrow of the CCP and the establishment of a democratic government, at least not right away. Data suggests that the vast majority of the Chinese public who utilize the Internet and social media are quite happy with the amount and variety of content available. Only about 10 percent use the Internet for political purposes with the remainder, like their American counterparts, using it for entertainment and socializing.[xii] Therefore, strategic messaging will have to be much less overt and subtler.

We should utilize the natural advantages the U.S. has in the entertainment and public relations world to encourage the public to put pressure on the government gradually, perhaps not directly in the political sphere but rather on natural fissures and tensions already resident, such as corruption, mismanagement, ethnic strife, uneven development, environmental degradation, and the growing wealth gap in China. Consider the recent effort by the U.S. Department of State to publicly highlight air quality in Beijing, resulting in embarrassment as well as change in China’s environmental policies.[xiii] Similar efforts, both public or through providing covert support to internal groups in China, would hopefully have similar impact. The goal will be to keep the CCP looking inward, concerned about social stability, rather than outward, projecting power.

To be successful, it will be necessary to understand at the highest level of detail possible not only the technical aspects of China’s information control apparatus but also its command, control and communication pathways, chain of command, and decision making calculus. Technical intelligence requirements would include network configuration pathways, router and server equipment models, operating and surveillance software versions, administrative controls, wireless hot points and air gaps and fiber network systems. The U.S. will need to know which agencies and bureaucracies are responsible for various kinds of surveillance and what their resident capabilities, gaps and scope of responsibility is. It would be helpful to identify key personalities and understand the resource competition between them in order to exploit them. We need to know how commands are passed down from leadership to operators, and if it is possible to deny, degrade, and in some way get in the middle of those communication pathways. We will also need to know the decision calculus of the Central Standing Committee. What will cause them to want to tighten control, or perhaps better yet, what might they simply ignore? This is certainly not an exhaustive list of intelligence requirements, but gives a sense of the kinds of information that a successful strategy will require.

China’s Response

In war, the enemy gets a vote, so policy makers and military commanders must carefully consider and “wargame” China’s response to a U.S. effort threatening its information control systems. By doing so, the U.S. can better prepare courses of action that counter potential Chinese responses. Traditionally, planners will break down adversary responses into two categories: most likely and most dangerous.

China’s responses are naturally shaped by their historic understanding of their place in the world, and especially the recent “Century of Humiliation” and the role that historical grievance plays in this understanding.[xiv] Attempting to shape the CCP’s ability to control information within China has a direct impact on the regime’s need to mobilize popular support in times of crisis or even war. The CCP has come to realize that “it cannot simply demand compliance and access to materials, people or facilities” as it probably once could during the days of Mao Zedong. The CCP and the PLA have undertaken “a systematic attempt to plan for mobilization, integrating it into economic development.”[xv] This planning includes “information mobilization” due to the “central role of information and information technology, especially in the context of informationized warfare.”[xvi] The various activities proposed here to attack critical vulnerabilities in China’s strategy should be viewed by policy-makers on a continuum of escalation. Public information campaigns highlighting air quality in Beijing will annoy the CCP in a much different way than denying China the ability to filter Internet content or threatening regime legitimacy.

March 22, 2013: Staff members of the newly-merged State General Administration of Press, Publication, Radio, Film and Television pose for group photos during a ceremony to hang the new nameplate in Beijing (Photo Credit: Xinhua/Wang Zhen).
March 22, 2013: Staff members of the newly-merged State General Administration of Press, Publication, Radio, Film and Television pose for group photos during a ceremony to hang a new nameplate in Beijing (Photo Credit: Xinhua/Wang Zhen).

China’s most likely course of action will be to continue to “plug the gaps” that any U.S. program creates in their information control system. This is a beneficial byproduct since the Chinese will continue to expend time and resources with an inward focus, possibly diverting some of its effort away from cyber espionage, or change its focus of cyber espionage from intellectual property theft to countering U.S. efforts. It will continue to partner with “like minded” regimes such as Russia, Iran, and Venezuela, perhaps targeting U.S. allies in Asia, Africa, and the Middle East, to advance an alternative international rule set and standard. China’s “Internet Agenda” will continue to focus on international recognition of state sovereignty over cyberspace, a global internet regulatory scheme that targets cybercrime and terrorism (with sufficiently vague definitions of “crime” and “terrorism” to allow for maximum latitude), and the legitimate role of the state to remain the “gatekeeper” to their country’s access to the internet.[xvii]

We can surmise what effect this strategy might have by examining world events and how the PRC responded when it felt threatened by internal pressures. For example, China has had a difficult relationship with some Muslim nations due to persecution of Uighurs in Xinjiang province. The recent decision by Thailand to repatriate nearly 100 Uighurs back to China was met with harsh criticism from the United Nations Refugee Agency and the international non-governmental organization Human Rights Watch. Reporting suggests that Beijing may have pressured Bangkok, and Chinese persecution has strained relations with Turkey, which has both ethnic and religious ties to the Uighurs in Xinjiang.[xviii] In September of 2014, Ilham Tohti, an economics professor and member of the CCP, was sentenced to life in prison  by a Xinjiang court for “inciting separatism” and inviting “international opprobrium,” according to Georgetown University professor James A. Millward.[xix]

China’s continued crackdown on Internet access appears to be having a direct impact on business and foreign investment, according to surveys conducted by the European Union Chamber of Commerce in China and the American Chamber of Commerce. Respondents noted that foreign firms feel “less welcome,” poor air quality makes it harder for firms to recruit executives, and that recent regulatory enforcement campaigns “target and hinder foreign companies.”[xx]

These two examples – internal repression, censorship and the impact on international relations and foreign investment – expose vulnerabilities in how China chooses to stem threats, which come at a cost to China. Therefore, we have insight into how proposed information activities which parallel previous events might look and the anticipated costs. A Cyberspace/IO Offset targeting China’s information control systems can be expected to result in more extreme or diverse efforts to clamp down on information and economic exchange, perhaps ratcheting up internal dissent or imposing economic costs as foreign investment slows.

Conclusion

By targeting China’s information control system, the United States can directly attack China’s most critical vulnerabilities and weaken its center of gravity, the Chinese Communist Party. By placing these controls at risk, PRC leadership will come to believe that their hold on power and ability to maintain domestic harmony is in jeopardy. This will permit the United States to effectively and efficiently counter Chinese power during a critical window of the next ten to twenty years, when demographic and economic headwinds will cause China to enter a period of decline.

A whole of government approach is often advocated but exceedingly difficult to execute in our federal system. The strategy will require careful coordination and long-term vision, two capabilities that Western democracies are notoriously deficient in. Due to the nature of the strategy, lines of effort and operations can become quickly compartmentalized in classified channels, which will make coordination that much more difficult. Importantly, much like the policy of containment against the Soviets, it will require buy in from across the political spectrum, also no easy task.

Ultimately, a Cyberspace-IO Offset permits the United States to leverage its unique advantages, both technological and historically ideological, to attack China’s critical vulnerabilities asymmetrically. Despite the challenge this strategy poses, the U.S. has shown historic resiliency and proven adaptability in the past, and the present is no different.

LT Robert “Jake” Bebber USN is a Cryptologic Warfare Officer assigned to United States Cyber Command. His previous assignments have included serving as an Information Operations officer in Afghanistan, Submarine Direct Support Officer and the Fleet Information Warfare Officer for the U.S. Seventh Fleet. He holds a Ph.D. in Public Policy from the University of Central Florida. His writing has appeared in Proceedings, Parameters, Orbis and elsewhere. He lives in Millersville, Maryland and is supported by his wife, Dana and their two sons, Vincent and Zachary. The views expressed here are his own and do not reflect those of the Department of Defense, Department of the Navy or U.S. Cyber Command. He welcomes your comments at jbebber@gmail.com.

[i] George K. Kostopoulos,  Cyberspace and Cybersecurity. (Boca Raton, FL: CRC Press, 2013).

[ii] Joint Publication 3-12 Cyberspace Operations defines the Physical Network Layer as “comprised of the geographic component and the physical network components. It is the medium where the data travel;” the Logical Network Layer as consisting of “those elements of the network that are related to one another in a way that is abstracted from the physical network, i.e., the form or relationships are not tied to an individual, specific path, or node;” and the Cyber-Persona Layer as “the people actually on the network. Cyber-personas may relate fairly directly to an actual person or entity, incorporating some biographical or corporate data, e-mail and IP address(es), Web pages, phone numbers, etc. However, one individual may have multiple cyber-persona, which may vary in the degree to which they are factually accurate. A single cyber-persona can have multiple users.”

[iii] Joint Chiefs of Staff. Joint Publication 3-12 (R): Cyberspace Operations. (Washington, D.C.: Department of Defense, 2013).

[iv] Joint Chiefs of Staff. Joint Publication 3-12(R): Cyberspace Operations.

[v] Thomas Lum, Patricia Moloney Figliona, and Matthew C. Weed. China, Internet Freedom, and U.S. Policy.

[vi] Ibid.

[vii] Ibid.

[viii] Chen Weihua. “2.1 Million Chinese to Visit US This Year.” China Daily USA, May 23, 2014, accessed December 24, 2014. http://usa.chinadaily.com.cn/us/2014-05/23/content_17538066.htm

[ix] Institute of International Education. “Top 25 Places of Origin of International Students, 2011/12-2012/13.” Open Doors Report on International Educational Exchange. 2013.

[x] P.W. Singer and Allen Friedman. “Cult of the Cyber Offensive.” Foreign Policy. January 15, 2014, accessed Demcember 24, 2014. http://foreignpolicy.com/2014/01/15/cult-of-the-cyber-offensive/

[xi] David Fieth. “Timothy Thomas: Why China Is Reading Your Email.” The Wall Street Journal. March 29, 2013, accessed September 24, 2015 . http://www.wsj.com/articles/SB10001424127887323419104578376042379430724

[xii] Thomas Lum, Patricia Moloney Figliona, and Matthew C. Weed. China, Internet Freedom, and U.S. Policy.

[xiii] David Roberts. “How the U.S. Embassy Tweeted to Clear Beijing’s Air.” Wired, March 6, 2015, accessed April 2, 2016. http://www.wired.com/2015/03/opinion-us-embassy-beijing-tweeted-clear-air/

[xiv] Zheng Wang. In China, History is a Religion. The Diplomat, June 16, 2014, accessed April 2, 2016. http://thediplomat.com/2014/06/in-china-history-is-a-religion/

[xv] Dean Cheng, Converting the Potential to the Actual: Chinese Mobilization Policies and Planning, in The People’s Liberation Army and Contingency Planning in China, Ed by Andrew Scobell, Arthur S. Ding, Phillip C. Saunders and Scott W. Arnold (National Defense University Press: Washington DC, 2015). P. 130-131.

[xvi] Dean Cheng, Converting the Potential to the Actual. p 111.

[xvii] John Jamison. “China’s Internet Agency.” The Diplomat, December 23, 2014, accessed December 28, 2014. http://thediplomat.com/2014/12/chinas-internet-agenda/

[xviii] Oliver Holmes. “Thailand forcibly sends nearly 100 Uighur Muslims back to China.” The Guardian, July 9, 2015, accessed September 24, 2015.. http://www.theguardian.com/world/2015/jul/09/thailand-forcibly-sends-nearly-100-uighur-muslims-back-to-china

[xix] James A. Millward.“China’s Fruitless Repression of the Uighurs.” The New York Times. September 28, 2014, accessed September 24, 2015.. http://www.nytimes.com/2014/09/29/opinion/chinas-fruitless-repression-of-the-uighurs.html

[xx] Calum MacLeod. “Foreign firms in China gripe about Internet, pollution.” USA Today, February 12, 2015, accessed Septmeber 24, 2015.http://www.usatoday.com/story/money/2015/02/12/china-internet-curbs-hurt-us-business/23283491/

A Cyber-Information Operations Offset Strategy for Countering the Surge of Chinese Power

The following is a two-part series on how the U.S. might better utilize cyberspace and information operations as a Third Offset. Part I will evaluate current offset proposals and explores the strategic context. Part II will provide specific cyber/IO operations and lines of effort.

By Jake Bebber 

“It is better by noble boldness to run the risk of being subject to half of the evils we anticipate than to remain in cowardly listlessness for fear of what might happen.”

-Herodotus, The Histories

Introduction

In 2014, then Secretary of Defense Hagel established the Defense Innovation Initiative, better known as the Third Offset, which is charged with recommending ways to sustain American military superiority in the face of growing capabilities fielded by powers such as Russia and China.[i] The purpose of the Third Offset is to “pursue innovative ways to sustain and advance our military superiority” and to “find new and creative ways to sustain, and in some cases expand, our advantages even as we deal with more limited resources.” He pointed to recent historical challenges posed by the Soviets in the 1970’s which led to the development of “networked precision strike, stealth and surveillance for conventional forces.” Centrally-controlled, inefficient Soviet industries could not match the U.S. technological advantage, and their efforts to do so weakened the Soviet economy, contributing to its collapse.

Today, China represents the most significant long-term threat to America and will be the focus here. A number of leading organizations, both within and outside government, have put forward recommendations for a Third Offset. However, these strategies have sought to maintain or widen perceived U.S. advantages in military capabilities rather than target China’s critical vulnerabilities. More importantly, these strategies are predicated on merely affecting China’s decision calculus on whether to use force to achieve its strategic aims – i.e., centered around avoiding war between the U.S. and China. This misunderstands China’s approach and strategy. China seeks to win without fighting, so the real danger is not that America will find itself in a war with China, but that America will find itself the loser without a shot being fired. This paper proposes a Cyberspace-IO Offset strategy directly attacking China’s critical vulnerability: its domestic information control system. By challenging and ultimately holding at risk China’s information control infrastructure, the U.S. can effectively offset China’s advantages and preserve America’s status as the regional security guarantor in Asia.

All effective strategies target the adversary’s center of gravity (COG), or basis of power. “Offset strategies” are those options that are especially efficient because they target an adversary’s critical vulnerabilities, while building on U.S. strengths, to “offset” the opponent’s advantages. Ideally, such strategies are difficult for an adversary to counter because they are constrained by their political system and economy. Today, China’s COG is the Chinese Communist Party (CCP). The stability of this system depends greatly on the ability of the Chinese regime to control information both within China, and between China and the outside. Without this control, opposition groups, minority groups, and factions within the CCP itself could organize more effectively and would have greater situational awareness for taking action. Thus, information control is potentially a critical Chinese vulnerability. If the United States can target the ability of the Chinese regime to control information, it could gain an efficient means to offset Chinese power. This offset strategy, using cyberspace and other information operations (IO) capabilities, should aim to counter China during the critical window in the next ten to twenty years when Chinese economic and military power will surge, and then subside as demographic, economic and social factors limit its growth.

Targeting the CCP’s ability to control information can be considered a long-term IO campaign with options to operate across the spectrum of conflict: peacetime diplomacy and battlespace preparation; limited conflict; and, if deterrence fails, full-scale military operations. The goal is to ensure that PRC leaders believe that, as conflict escalates, they will increasingly lose their ability to control information within China and from outside, in part because the U.S. would be prepared to use more drastic measures to impede it.

This strategy is most efficient because it serves as an organizing concept for cyber options targeted against China that would otherwise be developed piecemeal. It could serve as a means to prioritize research and development, and better link military planning for cyberspace operations to public diplomacy, strategic communication, and economic policy initiatives. The nature of cyberspace operations makes it difficult to attribute actions back to the United States with certainty, unless we wish it to be known that the U.S. is conducting this activity. Finally, it provides an alternative array of responses that policy makers can use to offset growing Chinese power without immediate direct military confrontation.

Demographic, economic and social factors will combine to create a ceiling on Chinese power, ultimately causing it to enter a period of decline much sooner than it expects.[ii] These factors will stress the Communist Party’s ability to exclude economic, social and political participation of dissenters, and create further reliance by the Party on information control systems.

The Strategic Environment

The United States is a status quo power. It seeks to retain its position of dominance while realizing that relative to other powers, its position may rise or fall given the circumstances. It supports the post-World War II international order – a mix of international legal and liberal economic arrangements that promote free trade and the resolution of disputes through international organizations or diplomatic engagement when possible. The United States recognizes the growth of China, and that it will soon achieve “great power” status, if not already. It is most advantageous to the United States if the “rise” (or more correctly, return to great power status) of China occurs peacefully, and within the already established framework of international rules, norms, and standards.

There are two important considerations. First is the “singularity” of China with respect to its self-understanding and its role in the world. China views the last two centuries – a time when China was weak internally and under influence from foreign powers – as an aberration in the natural world order. Most Chinese consider their several thousand year history as the story of China occupying the center of the world with “a host of lesser states that imbibed Chinese culture and paid tribute to China’s greatness …” This is the natural order of things. In the West, it was common to refer to China as a “rising power,” but again, this misreads China’s history. China was almost always the dominant power in the Asia-Pacific, punctuated by short periods of turmoil. It just so happened that the birth and growth of the United States took place during one of those periods of Chinese weakness.[iii]

The strategic approach of China is markedly different, based on its concept of shi, or the “strategic configuration of power.” The Chinese “way of war” sees little difference in diplomacy, economics and trade, psychological warfare (or in today’s understanding, “information warfare”) and violent military confrontation. To paraphrase the well-known saying, the acme of strategy is to preserve and protect the vital interests of the state without having to resort to direct conflict while still achieving your strategic purpose. The goal is to build up such a dominant political and psychological position that the outcome becomes a foregone conclusion. This is in contrast to Western thought which emphasizes superior power at a decisive point.[iv]

To the American leadership, the “most dangerous” outcome of a competition with China would seem to be one that leads to war; hence the near-desperate desire to not undertake any action which might lead China down that path. Yet a better understanding of China suggests that it believes it can (and is) achieving its strategic purpose without having to resort to force. Its military buildup, use of economic trade agreements, diplomacy, and domestic social stability are creating the very political and psychological conditions where the use of force becomes unnecessary. China is quite content to remain in “Phase 0” with the United States, because it  believes it is winning there. Thus, the question for America is not “How do we maintain the status quo in Phase 0?” but “How do we win in Phase 0?” The most dangerous course of action is not war with China, but losing to China without a shot being fired.

cyber 2
Figure 1. In 2015, China reorganized the PLA and created a new Cyber Warfare branch under its Strategic Support Force.

Current Offset Proposals

In response to the call for proposals, a number of initiatives and programs have been put forward by both the Department of Defense and leading national security think tanks. The underlying assumption of most of these proposals is that the United States has lost or is quickly losing its “first mover” advantage – such as that offered by the shift from unguided to guided munitions delivered from a position of stealth or sanctuary. In this regard, China represents a “pacing threat,” leading the way in developing its own guided weapons regime and the ability to deliver them asymmetrically against the United States.[v] In order to regain America’s military advantage, most recommendations follow along these lines:

  • Development and procurement of new platforms and technologies that leverage current perceived technological advantages over China in such areas as:
    • Unmanned autonomous systems;
    • Undersea warfare;
    • Extended-range and low-observable air operations;
    • Directed energy; and
    • Improved power systems and storage.
  • New approaches to forward basing, including hardening of infrastructure (both physical and communication networks), the use of denial and deception techniques and active defense;
  • Countering China’s threats to U.S. space-based surveillance and command and control systems;
  • Assisting allies and friends in the development of or exporting of new technologies that impose smaller-scale anti-access and area denial (A2/AD) costs on China; and
  • Reconstitute and reinvigorate Department of Defense “iterative, carefully adjudicated tabletop exercises and model-based campaign assessments.”[vi]

These approaches[vii] may have much to offer and are commendable, however they suffer from a glaring weakness: none target China’s center of gravity or critical vulnerabilities. They seek to leverage capabilities where the United States appears to enjoy an advantage, such as undersea warfare. For example, while it may be true that the People’s Liberation Army-Navy (PLAN) is not as proficient as the U.S. Navy (or some allies) in the undersea domain, it is also true that the Chinese regime is investing heavily to “close the gap” in these and other capabilities or is developing asymmetric alternatives. The United States will face a diminishing marginal utility as it attempts to maintain or widen the gap, especially in an era when China’s cyberspace-enabled information exploitation capabilities are extremely robust, and capable of transferring intellectual property back to China on a scale unimaginable in the Cold War.

More fundamentally, the offsets proposed are not guided by an overarching grand strategy that utilizes all elements of national power attacking key weaknesses and critical vulnerabilities in the Chinese regime, much in the same way that the Reagan Administration was able to do against the Soviets. Reagan’s policy and strategy represented a “sharp break from his predecessors,” eschewing containment in favor of attacking “the domestic sources of Soviet foreign behavior.”[viii] By recognizing the inherent weakness of the Soviet economic system, the new policy sought to leverage national military, political and economic tools to press the American advantage home, causing the Soviet system to collapse. This is not to suggest that the Chinese economic system suffers from the same malaise as their Soviet brethren did. Despite growing demographic, social and economic headwinds, it is unlikely that the United States can “bankrupt” the Chinese. However, China does have acute vulnerabilities – vulnerabilities which align with unique American advantages.

China’s Center of Gravity and Critical Vulnerabilities

None of the proposed previously mentioned offset lines of effort attempt to identify or target China’s COG. The center of gravity is defined by Milan Vego is “a source of massed strength – physical or moral – or a source of leverage whose serious degradation, dislocation, neutralization, or destruction would have the most decisive impact on the enemy’s or one’s own ability to accomplish a given political/military objective.”[ix] Joint military doctrine defines it as “The source of power that provides moral or physical strength, freedom of action, or will to act.”[x] The center of gravity concept is important to offset strategies because it enhances “the chance that one’s sources of power are used in the quickest and most effective way for accomplishing a given political/military objective.” It is the essence of “the proper application of the principles of objective, mass and economy of effort.”[xi]

Using an analytic construct designed by Vego, we note that any military situation encompasses a large number of both “physical and so-called abstract military and nonmilitary elements.” These are the “critical factors” that require attention and are deemed essential to the accomplishment of the objective, both of the adversary and ourselves. Not surprisingly, these factors encompass both critical strengths and critical weaknesses – both of which are essential. Critical vulnerabilities are “those elements of one’s military or nonmilitary sources of power open to enemy attack, control, leverage, or exploitation.” By attacking critical vulnerabilities, we ultimately attack the enemy center of gravity.[xii] The figure below shows notionally how China’s information control systems are a critical vulnerability (note that it is not all-encompassing).

Figure 2. Notional Center of Gravity Analysis[xiii].
Figure 2. Notional Center of Gravity Analysis[xiii].
According to Vego, it is generally agreed that for most authoritarian/totalitarian regimes, the dictator, central governing party or leadership committee is the strategic center of gravity. In the case of China, the CCP is the sole governing political party. The top leadership of the CCP is the Politburo Standing Committee (or Central Standing Committee), currently made up of seven members and led by General Secretary Xi Jinping. A number of factors permit the continued rule of the CCP, including a massive domestic security apparatus and the world’s largest military, a growing standard of living and state control over media and information available to its people. In many ways, the Chinese leadership have already conducted their own vulnerability analysis and concluded that the free flow of information represents the biggest threat to their power – we can see this in both their words and deeds. China spends more on domestic security than on its own military. The last officially reported figures from the PRC in 2013 show the military budget was approximately 740.6 billion yuan ($119 billion) while domestic security received 769.1 billion yuan ($121 billion).[xiv] Beginning in 2014, the PRC stopped reporting on domestic security spending.[xv] In 2015, the PRC announced an 11 percent increase in “public security” spending to 154.2 billion yuan, or $24.6 billion. However, the total amount spent on domestic security remains unreported, and is certainly much higher, since regional and provincial figures are not provided. The reported military spending was 886.9 billion yuan, approximately $139 billion.[xvi] Fourteen separate state ministries are charged with domestic censorship responsibilities, everything from traditional press and broadcast media to text messages on cell phones.[xvii] A form of self-censorship has been institutionalized with Chinese internet companies being required to sign a “Public Pledge on Self-Regulation and Professional Ethics for China Internet Industry.”[xviii] In short, China has already shown what it fears most and where it is most vulnerable – it has performed its own “COG analysis” and has identified information control as a critical requirement to maintain CCP dominance.

cyber 3
Figure 3. In 2015, the U.S. and China met to discuss recent cyberspace issues.

A Cyberspace – IO Strategy

China’s regime identifies the free flow of information as an existential threat, and has erected a massive bureaucratic complex to censor and restrict free access to the nearly 618 million (and growing) Chinese internet uses (and 270 million social network users).[xix] However, the very nature of the Internet as a networked system makes censorship and restricted access difficult to maintain. As has been shown, China’s information control systems represent a critical vulnerability to their center of gravity. China’s network security is managed by a fragmented, disjointed system of “frequently overlapping and conflicting administrative bodies and managing organizations.”[xx]

China’s cyberspace operations and strategy are driven primarily by domestic concerns, with its central imperative being the preservation of Communist Party rule. Domestic security, economic growth and modernization, territorial integrity and the potential use of cyberspace for military operations define China’s understanding. Even its diplomatic and international policies are built around giving China maneuvering room to interpret international norms, rules and standards to serve domestic needs, principally through the primacy of state sovereignty. This creates a natural tension, as China must seek to balance economic growth and globalization with maintaining the Party’s firm grip on power. Not only is Internet usage controlled and censored, but it is also a tool for state propaganda.[xxi]

Chinese authorities use a number of techniques to control the flow of information. All internet traffic from the outside world must pass through one of three large computer centers in Beijing, Shanghai and Guangzhou – the so-called “Great Firewall of China.” Inbound traffic can be intercepted and compared to a regularly updated list of forbidden keywords and websites and the data blocked.[xxii] Common censorship tactics[xxiii] include:

  • Blocking access to specific Internet Protocol (IP) addresses;
  • Domain Name System (DNS) filtering and redirection, preventing the DNS from resolving or returning an incorrect IP address;
  • Uniform Resource Locator (URL) filtering, scanning the targeted website for keywords and blocking the site, regardless of the domain name;
  • Packet filtering, which terminates Transmission Control Protocol (TCP) transmission when a certain number of censored keywords are detected. This is especially useful against search engine requests.
  • “Man-in-the-Middle” attack, allowing a censor to monitor, alter or inject data into a communication channel;
  • TCP connection reset, disrupting the communication data link between two points;
  • Blocking of Virtual Private Network (VPN) connections; and
  • Network Enumeration, which initiates an unsolicited connection to computers (usually in the United States) for the purpose of blocking IP addresses. This is usually targeted against secure network systems or anonymity networks like “Tor.”

cyber 4
Figure 4. Simplified Chinese Firewall Topology[xxiv].
China also heavily regulates and monitors Internet service providers, Internet cafes, and university bulletin board systems. It requires registration of websites and blogs, and has conducted a number of high profile arrests and crackdowns on both dissidents and Internet service providers. This “selective targeting” has created an “undercurrent of fear and promoted self-censorship.” The government employs thousands who monitor and censor Internet activity as well as promote CCP propaganda.[xxv]

China’s information control regime is vulnerable on a number of levels to a coordinated strategy that seeks to hold it at risk. From a technical standpoint, the distributed nature of the internet makes it inherently vulnerable, the “Great Firewall” notwithstanding. The techniques used to filter and block content have a number of workarounds available to the average person. For example, IP addresses that have been blocked may be accessed utilizing a proxy server – an intermediary server that allows the user to bypass computer filters. DNS filtering and redirection can be overcome by modifying the Host file or directly typing in the IP address (64.233.160.99) instead of the domain name (www.google.com). These are simple examples that a novice government censor can easily outwit, but the point remains.

China has long been rightfully accused of being a state-sponsor of cybercrime and theft of intellectual property. One negative consequence of this from China’s perspective is the high level of cybercrime within China “due in large part to rampant use and distribution of pirated technology” which creates vulnerabilities. It is estimated that 54.9 percent of computers in China are infected with viruses, and that 1,367 out of 2,714 government portals examined in 2013 “reported security loopholes.”[xxvi] China’s networks themselves, by virtue of their size and scope, represent a gaping vulnerability.

At the same time, China’s information control bureaucracy is especially unwieldy. This is an ideal target to exploit the seams and gaps both horizontally and vertically in their notoriously byzantine structure. The fourteen agencies that conduct internet monitoring and censorship operations must all compete for resources and the attention of policy makers, leading to organizational conflict and competition. Any strategy should exploit these fissures, complicating China’s ability to control information.

Part 2 will outline several lines of effort the U.S. might pursue to attack China’s critical vulnerabilities in its information control system. It will advance the notion that the full range of American power – overt, covert, diplomatic, economic, information and military – must be coordinated and managed at the national level to wage a successful information operations campaign. Based on America’s past success, the future may be brighter than it first appears. Read Part 2 here.

LT Robert “Jake” Bebber USN is a Cryptologic Warfare Officer assigned to United States Cyber Command. His previous assignments have included serving as an Information Operations officer in Afghanistan, Submarine Direct Support Officer and the Fleet Information Warfare Officer for the U.S. Seventh Fleet. He holds a Ph.D. in Public Policy from the University of Central Florida. His writing has appeared in Proceedings, Parameters, Orbis and elsewhere. He lives in Millersville, Maryland and is supported by his wife, Dana and their two sons, Vincent and Zachary. The views expressed here are his own and do not reflect those of the Department of Defense, Department of the Navy or U.S. Cyber Command. He welcomes your comments at jbebber@gmail.com.

[i] Charles Hagel. “The Defense Innovation Initiative .” Memorandum for Deputy Secretary of Defense. Washington, D.C.: Department of Defense, November 15, 2014.

[ii] Robert Bebber. “Countersurge: A Better Understanding of the Rise of China and the Goals of U.S. Policy in East Asia.” Orbis 59 no. 1 (2015): 49-61.

[iii] Kissinger, Henry. On China. (New York, NY: Penguin Books, 2012).

[iv] David Lai. “Learning from the Stones: A Go Approach to Mastering China’s Strategic Concept, Shi.” U.S. Army War College Strategic Studies Institute. May 1, 2004, accessed Decmeber 26, 2014. http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubID=378

[v] Shawn W. Brimley. “The Third Offset Strategy: Security America’s Military-Technical Advantage.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014.

[vi] David.Ochmanek. “The Role of Maritime and Air Power in the DoD’s Third Offset Strategy.” Testimoney Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014.

[vii] This list is certainly not exhaustive. For a more thorough review of the ones mentioned, see:. Brimley, Shawn W. “The Third Offset Strategy: Security America’s Military-Technical Advantage.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014. Martinage, Robert. “Statement Before the House Armed Services Subcommittee on Seapower and Projection Forces on the Role of Maritime and Air Power in DoD’s Third Offset Strategy.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014. Ochmanek, David. “The Role of Maritime and Air Power in the DoD’s Third Offset Strategy.” Testimoney Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014.

[viii] Thomas G. Mahnken.”The Reagan Administration’s Strategy Toward the Soviet Union.” In Successful Strategies: Triumphing in War and Peace from Antiquity to the Present, by Williamson Murray and Richard Hart Sinnreich. Cambridge: Cambridge University Press, 2014.

[ix] Milan N. Vego. Joint Operational Warfare – Theory and Practice. (Newport, RI: Government Printing Office, 2007) VII-13-29.

[x] Joint Chiefs of Staff. Joint Publication 5-0: Joint Operational Planning. (Washington, D.C.: Department of Defense, 2011).

[xi] Vego, Joint Operational Warfare – Theory and Practice, VII-15

[xii] Ibid, VII-15.

[xiii] Joint Publication 5.0 defines Critical Capability as “A means that is considered a crucial enabler for a center of gravity to function as such and is essential to the accomplishment of the specified or assumed objective(s);” Critical Requirement as “An essential condition, resource, and means for a critical capability to be fully operational;” and Critical Vulnerability as “An aspect of a critical requirement which is deficient or vulnerable to direct or indirect  attack that will create decisive or significant effects.”

[xiv] Ben Blanchard and John Ruwich. “China Hikes Defense Budget, To Spend More on Internal Security.” Reuters, March 5, 2013, accessed December 23, 2014.http://www.reuters.com/article/2013/03/05/us-china-parliament-defence-idUSBRE92403620130305  

[xv] Michael Martina. “China Withholds Full Domestic Security-Spending Figure.” Reuters, March 4, 2014, accessed September 25, 2015.  http://www.reuters.com/article/2014/03/05/us-china-parliament-security-idUSBREA240B720140305

[xvi] Ting Shi and Keith Zhai. “China To Boost Security Spending as Xi Fights Dissent, Terrorism.” Bloomberg News, March 5, 2015 accessed September 25, 2015. http://www.bloomberg.com/news/articles/2015-03-05/china-to-boost-security-spending-as-xi-fights-dissent-terrorism

[xvii] Michael Wines, Sharon LaFraniere, and Jonathan Ansfield. “China’s Censors Tackle and Trip Over the Internet.” The New York Times, April 7, 2010, accessed December 23, 2014.http://www.nytimes.com/2010/04/08/world/asia/08censor.html

[xviii] Biena Xu. Media Censorship in China. February 2014, accessed December 23, 2014. http://www.cfr.org/china/media-censorship-china/p11515

[xix] Ibid..

[xx] Amy Chang. Warring State: China’s Cybersecurity Strategy. (Washginton, D.C.: Center for a New American Security, 2014) 12.

[xxi] Rebecca MacKinnon. “Flatter World and Thicker Walls? Blogs, Censorship and Civic Discourse in China.” Public Choice 134 (2008): 31-46.

[xxii] Michael Wines, Sharon LaFraniere, and Jonathan Ansfield. “China’s Censors Tackle and Trip Over the Internet.”

[xxiii] Jonathan Zittrain, and Benjamin Edelman. “Empirical Analysis of Internet Filtering in China.” Harvard Law School Berkman Center for Internet and Society. March 20, 2003, accessed December 23, 2014. http://cyber.law.harvard.edu/filtering/china/

[xxiv] Available at: https://news.ycombinator.com/item?id=4931595

[xxv] Thomas Lum, Patricia Moloney Figliona, and Matthew C. Weed. China, Internet Freedom, and U.S. Policy. Report for Congress, (Washington, D.C.: Congressional Research Service, 2013).

[xxvi] Amy Chang. Warring State: China’s Cybersecurity Strategy. 15.