Unraveling China’s Cybersecurity Threat Byte by Byte

Aryan Garg
Published in The Catalyst
Mar 11, 2024

Setting the Stage

When two countries go to war, you can imagine tanks, aerial bombing, and battleships locked in combat. What you don’t imagine is a cyberattack. Yet as the US prepares on all fronts for conflict, whether that’s political conflict with Russia and the Middle East, or economic conflict with China, cyberattacks are just another branch of the military. In February 2024, the US CISA (cybersecurity agency) reported that state-sponsored cyberattack organizations were the biggest Chinese threat to the US. I will break down the history of how this has happened, why it’s happening, what the major impacts on the US are, and what policies I think will help the US double down on its critical infrastructure and ensure cyberattacks do not grow at the rate they have for the last several years.

Infiltration

Volt Typhoon. It sounds like a music group or a cool sports team name, but it is really a CCP-sponsored cyberattack organization. CISA reports that Volt Typhoon has possibly been “hiding” in, or has gained access to, 3,300 vulnerable utilities. This means that Volt Typhoon has actively been siphoning intellectual knowledge and personal data, and is poised to strike the most important energy companies, water supply, and basic necessities of the United States. Why? Simply put, China believes this puts them in a position of power, where they would be able to strong-arm the US in times of conflict. But zooming out to look at the bigger picture, we know that cyberattacks have long been a tool of power. Russia has, many times, inflicted cyberattacks on major companies. For example, cybersecurity has been a concern for Microsoft for the last several months, and groups such as Cozy Bear have been responsible for attacks on power supply and electrical grids, especially in Ukraine. WannaCry, arguably the largest ransomware attack, has been linked to North Korea. The United States has conducted cyberattacks on Middle Eastern regimes and attacked Iranian warships, and has historically used cyberattacks to add pressure in times of war.

Now, what’s the impact of all this? Firstly, when China gets access to these critical companies in the US, including electric companies, manufacturing companies, and technology companies, they gain a clear bargaining chip. Should the US ever come to attack China or engage in warfare, China hopes they can use the threat of mass and coordinated cyberattacks, which could end up hampering the productivity of the US economy by 46% or more. Even though this is not currently happening, there are still other uses for a cyberattack. For example, China has been rapidly developing its economy in the last few decades. I would argue that a large part of this policy has been due to cyberattacks. When China identifies an industry, or a group of industries, to excel in, they usually use cyberattacks as a way to steal intellectual property. Most of the time, this goes unreported, or businesses and the US do not have an adequate way of fighting back. Thus, China develops technology just like that of the US and reaps economic benefits. We’ve already seen this model play out with AI and technology, as well as the energy and health sectors. Just a week ago, many health companies were hit and personal information was lost.

Which brings me to my third point: personal information is key for cyberattacks. It allows attackers to develop algorithms and sell this information to third parties, and it is a great way to (unethically) improve a company’s hold on a market. Chinese leadership has been able to provide state-controlled media, energy, and technology companies with the intellectual property and data derived from access to US companies. The US’s fate hangs in the balance of this problem, with everything depending on how the US responds. Unless better policy decisions are made, a cyberwar IS coming.

Where do we Stand?

The United States is arguably the greatest technological, political, and economic power in the world, or at least acts like it. So I don’t buy the argument that it’s in the US’s best interests simply to negotiate and bow down to these cyberattacks from China, which will only signal to other geopolitical foes like Russia that the US wouldn’t fight back. Looking over what a couple of other organizations, like CNN and The Week, have reported, I have a couple of ideas on what the US could, and should, do. Let’s not forget that the government has a duty to protect private infrastructure and national security, all of which impact its constituents. And now, these same private companies are fed up, after losing an average of 5.4 billion dollars in market capitalization post-cyberattack.

Firstly, the US needs to set a hard line with China. I know that there are other variables in the US-China equation involving economic policy and other nations, but the US needs to stop letting itself get pushed around. The last several years of economic policy have been easier on China, which handicaps US technological independence.

Second, there’s a plethora of cyber-related policies, from allowing businesses to have more leeway on cyber software and expediting defense software, to requiring businesses to share cyberattacks in real time. Reverse engineering, where attack patterns are used to engineer defenses, is also an option. My point is that simply looking into a lot of what China is doing to attack the US would give us a better defense capability, compared to right now, where we have been backed into a corner but are still looking the other way.

Lastly, I’ll conclude with an idea: the US could use counterattacks to the extent that we attack the infrastructure of organizations like Volt Typhoon and gain enough intel on these organizations to coordinate international pressure. This hasn’t necessarily been popular with US governments, but it’s high time the US started taking cybersecurity seriously enough to deter its enemies. We hear stories about the US and businesses scrambling to defend against these attacks, but we never hear stories about the US considering ways to fight back against these organizations. Without some initiative, we will just keep “fixing” our defenses and hoping the next attack doesn’t come.
