Illumio Blog
November 30, 2018

China Is the Top Long-Term Threat in Cyberspace

Jonathan Reiber


This article was originally published on nextgov.com

China is rising in economic and military might and presents the greatest long-term challenge to U.S. national interests—including in cyberspace. Three weeks ago, the current U.S. national security advisor, John Bolton, for the first time publicly attributed the hack of the Office of Personnel Management to China.

China is investing in military cyberspace forces and today’s cyber theft could be tomorrow’s influence operation or disruptive attack on infrastructure. So what should the United States do to prepare for the rise of Chinese power in cyberspace?

Prepare to “stop threats before they hit their targets.” The United States military is rightly focused on developing defensive means to disrupt an adversary’s offensive cyberspace infrastructure to stop attacks. To date, U.S. responses to Russian, Chinese, Iranian and North Korean operations have been limited to indictments or sanctions, and these have not stopped them from escalating in cyberspace. If the U.S. government has indications and warnings of an incoming cyberattack from Russia, China or any other adversary, it needs to be able to block the operation and “stop threats from hitting their targets,” as the new Defense cyber strategy says. The United States cannot allow a country to interfere in our election through cyberspace again, or turn off the lights on the electric grid as Russia did in Ukraine.

Secure U.S. critical infrastructure against breach. To deter China over the long term, the government may need to impose costs. But the country also needs to invest to prevent attacks from causing damage. The fact is that U.S. organizations haven’t effectively secured their data.

Consider the case of OPM. One of the smallest agencies of the U.S. government, OPM holds the personally identifiable information for the U.S. federal government workforce. In 2014-2015, China broke past OPM's perimeter defenses, moved laterally throughout the network, and as WIRED reported, “gained access to every nook and cranny of OPM’s digital terrain.” The data center doors at OPM were left open and the Chinese walked through the house and stole the personally identifiable information of 21.5 million employees across the U.S. federal government.

Beyond perimeter defenses like multi-factor authentication, organizations need to invest in security to prevent intruders from moving laterally within a data center or cloud environment. Segmenting networks and data is like putting the doors into a submarine: It prevents breaches from spreading throughout the hull. If every critical infrastructure owner in the United States used micro-segmentation, the Chinese would be frustrated and further deterred.

Harden U.S. weapons systems. The Pentagon declared (again) last month that nearly every U.S. weapons platform is vulnerable to cyber exploitation. The U.S. military retains a conventional advantage against China in naval power projection (i.e., aircraft carriers) and air power projection (i.e., F-22s and F-35s)—but not if China uses cyberspace and electromagnetic capabilities to disrupt U.S. weapons platforms. Since World War II, the U.S. military has underwritten security and stability across the Asia-Pacific. For that trend to continue, the Defense Department needs to focus intently on securing its most important weapons platforms.

Surpass China’s advanced science and technology capabilities. Advanced, stealth conventional weapons capabilities can help offset the asymmetric advantage of cyberspace. This is why the Defense Department initiated the Third Offset strategy previously: to ensure the United States retains its technological advantage over the long term. Reports over the summer indicate that China may have already developed a railgun capable of firing electromagnetic projectiles at rapid speed and great distance; the United States needs to keep its foot on the innovation pedal to stay ahead and develop powerful weapons platforms to control escalation.

Establish adaptive diplomacy and alliances across Eurasia. China is using the Belt and Road Initiative to extend its technological influence across Eurasia. In the darkest story, a larger IT infrastructure could give China additional platforms for cyberspace operations. The U.S. government should work with private industry to alert its allies to the risks of Chinese influence and try to control risk.

China’s economic rise is good news: Chinese innovation and economic growth have raised millions out of poverty, and the United States and China should pursue a cooperative relationship that allows for mutual prosperity. This is not only possible but required, as there is no real positive future in which these two great powers exist in a state of conflict. Yet there can be no doubt that China is expanding its military and technological strength, including in cyberspace. Cooperation and competition must exist in balance—and the public and private sector both have a role to play in managing cybersecurity risk over the long term.
