Are We Exaggerating China’s Cyber Threat?


On May 8, U.S. State Department spokesman Jeff Rathke complained that China had used an offensive cyber capability “to interfere with the ability of worldwide internet users to access content hosted outside of China.” Experts feared China had hijacked traffic intended for domestic servers and re-routed to conduct a malicious attack on American sites.

In March, the American coding repository, GitHub, reported intermittent outages amid a multiday cyber attack, which redirected traffic from the popular Chinese search engine Baidu to pages linked to The New York Times Mandarin-language site and — a tool utilized by Chinese netizens to steer around the Great Firewall. Both sites are banned in the mainland. Researchers say an offensive Chinese cyber attack system called the “Great Cannon,” which captures traffic in China and fires it out at offending sites, perpetrated the attack.

So how much should we worry about China’s cyber capabilities?

Enjoying this article? Click here to subscribe for full access. Just $5 a month.

Not much, according to Professor Jon R. Lindsay’s new policy brief, published by Harvard University’s Belfer Center. Public record on U.S. and Chinese cyber capabilities remains scant, but Lindsay suggests that the U.S. is gaining an “increasing advantage,” evidenced by a new DARPA program launched in 2012, and the use of the Stuxnet worm to damage computer systems at an Iranian nuclear enrichment facility in 2010. In America’s private cyber industry, the name of the game has shifted from defense to offense.

But China’s interest in developing cyber capabilities is political, not military, Lindsay argues, prompting incursions into foreign digitized space to suppress dissent, in the case of GitHub, or to steal secrets from adversaries. Even so, “lax law enforcement, and poor cyber defenses leave the country vulnerable to both cybercriminals and foreign spies,” Lindsay notes, suggesting that China struggles to use the information it comes away with for political gain. China’s successful campaigns target NGOs and private sector companies, and “do nothing to defend China from the considerable intelligence and military advantages of the United States.”

That doesn’t mean that the PLA isn’t busy playing catch-up. In a recent issue of The Science of Military Strategy, put out by the military’s chief research institution, analysts concede that the PLA indeed possesses network attack forces inside of intelligence and civilian wings of government, including the Ministry of State Security and the Ministry of Public Security. It suggests that the military will deal with critical infrastructure targets, like electrical grids and gas pipelines, while smaller, nimbler hacking units like Axiom, which has been suspected in intrusions against Fortune 500 companies and pro-democracy groups, will focus on industrial targets.

But making that leap will be challenging, and would force China to walk back its global positions on cybersecurity. Beijing hopes to become a leader on that front and has been heavily promoting its concept of “internet sovereignty” as the basis for international standards of behavior in cyber space. China wants to defend “internet sovereignty” at all costs. Any future cyber attack would probably be justified on those grounds.

That’s also a self-limiting belief. While it has allowed home-grown giants like Weibo, Alibaba, and Baidu to flourish, China’s exclusion of American companies and know-how put it at a serious disadvantage in building robust cyber capabilities. China’s own approach to these issues could prevent Beijing from reaching its cyber potential.

Sign up for our weekly newsletter
The Diplomat Brief