Why Isn’t China Salami-Slicing in Cyberspace?

Recent Features

Features | Security

Why Isn’t China Salami-Slicing in Cyberspace?

It’s time to start thinking about engaging with the digital variant of this favorite Chinese foreign policy dish.

Why Isn’t China Salami-Slicing in Cyberspace?
Credit: Illustration by Catherine Putz

China’s efforts to increase its sphere of influence have been well documented. From academic reports to think tanks papers and coverage on this website, China’s attempts have been subject to a wide range of research. A central feature in these efforts has been so-called salami-slicing tactics. This tactic of incrementally advancing interests and challenging existing dominances and norms, resulting in increased pressure and geopolitical tensions, has taken place across many domains. From the economic to military and political, salami-slicing tactics and cabbage strategies have become core components of the Chinese military and security diet, and with laudable success.

China’s salami-slicing practices date back to the 1950s when the newly formed People’s Republic of China (PRC) eventually secured control of parts of Jammu and Kashmir between 1954 and 1962. Another successful use of this tactic is observable in China’s slow but steady acquisition of much of the South China Sea (SCS) through the step-by-step occupation, encompassing military clashes between China and South Vietnam, of the Paracel Islands in 1974, the Johnson Reef in 1988, and the Mischief Reef in 1995. In 2012, China gained control of the Scarborough Shoal. Through the use of such tactics, China has established effective military control at many points in the SCS, has increased its influence over several of its neighbors, is securing influence over critical economic infrastructure such as ports and communication networks throughout the region and has used its economic power, political clout, and military might to set the region’s dynamics to its favor. The approach has resulted in a China that has been increasingly assertive while expanding its ambitions and demands.

While this is certainly the case in several domains, foremost the physical to date, China has not done so in the cyber domain. For the moment, it appears as China’s cabbage and salami tactics are confined to the physical domain rather than being carried forward and applied to the cyber domain. This raises the question of why China’s appetite has thus far centered on the physical domain, particularly given that the digital sphere presents itself as an ideal environment for salami-slicing tactics. Given China’s prior actions and embrace of new technologies, cyber salami would make for a logical dish in its foreign policy and security cuisine. Not only has Beijing excelled in salami-slicing, as we have previously argued in our article, “Hybrid Warfare in the South China Sea,” China has demonstrated its eagerness to incorporate novel technologies into its security repertoire. Given China’s cyber power – being a leading global actor in offensive cyber operations – China’s evident reluctance to engage in a cyber salami campaign raises several questions.

The absence of digital salami first invites the question of what such a campaign would look like. To date, even though China’s rapid territorial expansion and ambitions have attracted sizeable attention from the United States and its allies, efforts resorting to the flex of military might and those falling just short of war have failed to bring China’s ambition calculations and moves to a standstill. Rather, China looks emboldened to increase its power and reach via these tactics. A cyber salami-slicing campaign can be served by the physical domain salami-slicing performed in the past, serving as emboldening models, and would fit neatly in China’s desires to increase its political clout in the region and beyond.

A Chinese cyber salami-slicing campaign could exist as an escalatory cyber campaign. Starting with simple disruptive actions such as distributed denial-of-service (DDoS) attacks, it could, slowly and gradually, see an escalation of forays into the digital realm – in quality, quantity, and aims. From DDoS aggressions it could seek to apply pressure to an opposing state via cyber political warfare, along the lines of the infamous “fake news” campaign, seeking to change the information narrative, interfering in elections and other political processes. Ultimately, such a campaign could result, as the final step of an escalatory cyber ladder, in destructive attacks against targets in the physical domain. Accordingly, the campaign might operate with an impact scale that ranges from disruptive attacks, based on a short time frame and scale, to strikes against critical infrastructure, with national-level consequences in both the short and long-term.

China has engaged in some degree of what could part be considered digital salami tactics: During the 2012 Scarborough Shoal standoff, there was a limited cyber conflict, with Chinese hackers vandalizing the website of the University of the Philippines. Likewise, in the wake of Taiwan’s 2016 elections, patriotic Chinese bombarded the newly elected Tsai Ing-Wen’s Facebook page with messages. Finally, in recent weeks Chinese citizens flooded Hong Kong social media network pages and sites with pro-China messages. These efforts are, however, orchestrated by non-state actors, sanctioned to an extent by the government, but are nevertheless a far cry from the well-executed physical salami campaigns led by the government. Furthermore, these were reactions to political events and not part of a larger political campaign in which China sought to gradually increase pressure and extend its sphere of influence.

A fundamental component of any successful cyber salami-slicing move by China would be to ensure that the costs of the combined tactics and thus overall strategy are below the costs of retaliation. For example, in what has become a relatively common response to unwanted behavior is the use of economic sanctions, with the cases of Huawei and the ZTE telecommunications and systems company. However, the value of economic sanctions as deterrence depends on the extent to which an opposing actor can economically injure China. This would be greatly limited however given China’s economic clout and momentum. In particular, sanctions-as-deterrence would be limited for regional actors, who are largely dependent on the well-functioning of trade with China. Moreover, no country in East Asia would have the capacity to hurt China economically through the use of sanctions. Should the aggregate cost of sanctions, a power response short of the costly or likely costlier possibility of military commitment and consequences of violent conflict, fall below a particular level, the response could be expected to do little in terms of deterrence.

This could simultaneously establish an undesirable response through patterned mutual behavior ultimately reinforcing the overall benefits of salami-slicing in the cyber domain, especially when coupled with the strategic use of time. This is all supported by the breadth of the fifth domain as a gray area in which established rules and norms – as present in other physical domains – is essentially absent. Theoretically, the most viable deterrence could consist of offensive cyber operations by opposing actors, seeking to digitally undertake a tit- for-tat approach. However, given China’s clear advantage in the cyber realm – it remains qualitatively among the world’s leading offensive cyber actors and has quantitative advantage few other nations can compete with – one might plausibly expect such a tactic to yield a limited deterrence effect. In theory, opposing actors could seek to strike at Chinese cyber targets – state and private – though attacks of this kind would almost assuredly increase the risk of escalation beyond the cyber domain, increasing security tensions in the physical domain, and creating an eruption of armed and violent conflict among states.

Where China retains a strong advantage is the potential impact its salami-slicing might have on the civilian and military critical infrastructure of neighboring states or those further abroad. For example, whereas much of China is still state-controlled, a great deal of the United States’ infrastructure is privately controlled and operated. Smaller companies and firms are less-equipped with requisite instruments for deterring or defending against large and small-scale threats and attacks. Much uncertainty orbits the application of salami-slicing in the cyber realm given that countries have only really practiced singular attacks over previous years with no systematic or counter-cyber-salami deterrence strategy having unfolded. As critical infrastructure systems are increasingly operated or controlled by computers, the realm of opportunity to access and disrupt them increases considerably.

Given China’s love for salami dishes as well as the obvious benefits of digital salami-slicing, the question persists as to why China has not more actively engaged in offensive operations in the cyber domain. While it has yet to do so, it seems appropriate for regional actors – those that would most likely be subject to Chinese assertive behavior – to begin planning for countering salami-slicing operations in cyberspace. Among the leading issues here will be how to develop a credible deterrence ability that would ensure that if cyber salami is used, actors have sufficient cyber capabilities to ensure that escalations are not likely. The experiences with salami-slicing in the physical domain have illustrated that once deployed effectively, few opportunities exist to reverse the situation. Rather, it leads to a gradual calibration of the status quo. As such, it seems imperative for regional actors to start thinking of how to effectively engage with the digital variant of this Chinese foreign policy dish.

Tobias Burgers is a Project Assistant Professor at the Cyber Civilization Research Center, Keio Global Research Institute, Keio University.

Scott N. Romaniuk is a Postdoctoral Research Fellow in Security Studies at the China Institute, University of Alberta.