National security interests generally guide and develop states’ policy formulation particularly when governments factor in political, diplomatic, military, economic, and societal considerations into their strategic goals.  These security interests are often shared by many if not all states, though how they pursue them varies depending on the government spearheading these efforts.  In essence, states will interpret what these national security issues mean to the government and how they apply to the state overall and will decide the courses of action to pursue in order to meet their national security needs and expectations.  This principle is fundamental to any sovereign government regardless of its political ideology.

China’s national security interests revolve around three core issues: its national sovereignty, the security of its sovereign interests, and its economic growth.  Current President Xi Jinping has repeatedly used the word “national security” in speeches before the Chinese Communist Party to underscore its importance to China’s continued rise as a global leader.  According to a recent study, Xi added five new areas to its national security interest to the original 11 announced in 2011.  The sixteen areas of China’s national security include:

• Political Security
• Territorial Security
• Military Security
• Economic Security
• Cultural Security
• Societal Security
• Tech Security
• Cybersecurity
• Ecological Security
• Resource Security
• Nuclear Security
• Bio Security
• Space Security
• Polar Security
• Deep Sea Security
• Overseas Interests Security

Its Ministry of Defence has integrated its official defense security policy into China’s larger national security umbrella into highlighting sovereignty, political and internal stability, and economic development as fundamental goals for China in the new security era.  Indeed, the focus on “comprehensive national security” is critical part of its plan toward achieving self-reliance and securitization.  China’s cyber espionage program has and continues to target foreign entities in all of the above areas.

How China interprets these national security interests is paramount in understanding how, why, and when it uses cyber operations.  Though each of these security tenets is broad, they are instrumental in seeing how China perceives the world, and what it believes is its rightful portion of it.  Territorial integrity is vital to China’s core national security concerns as its steadfast positions on Taiwan reunification, island disputes in the South China Sea, the Arctic, and even space show a commitment to preserving this view of its sovereignty.  But the same can be said for its economy, as Xi has called financial stability paramount to national security, and which China has continued to develop in order to limit its dependence on foreign suppliers.  Therefore, it is unsurprising that China’s economic approach has implemented a three-prong strategy of industrial policy, increasing its legal and regulatory economic security framework, and using its economic influence as a tool of statecraft.  And why cyber espionage factors so significantly toward that end as compared to other nations narrower and in some cases more limited use of cyber espionage.

So, what does this have to do with Chinese cyber operations?  Well, everything.

It is no secret that China relies on its cyber operations for data theft, cyber espionage, and monitoring more so than conducting disruptive or destructive acts.  Chinese is an aggressive surveillance state whose robust soft power capabilities are seen across the information spectrum via propaganda, disinformation, and influence campaigns. Militarily, the data theft has helped China create military assets very similar to those of the United States, bypassing the need to engage in its own long research and development to produce comparable products.

Senior U.S. intelligence officials estimated that Chinese cyber espionage activities against the United States amounts to approximately USD 600 billion a year.  When considering a 20-year span of these activities (covering the time when Chinese cyber espionage was first detected), the cost balloons to between USD 4 -12 trillion.  Moreover, the fruits of these activities have tremendously benefited Chinese companies via the theft of sensitive data and trade secrets. There are many examples rife of Chinese economic spying, but a paper titled Understanding the Chinse Communist Party’s Approach to Cyber-Enabled Economic Warfare reveals several instances that show the correlation between espionage and the Chinese companies that benefit from its theft. This makes sense given China’s goals of becoming the number one economy in the world, a position of great soft-power influence.  China’s commitment toward this end is echoed in Xi’s recent promise of implementing more “forceful tools” to achieve China’s economic goals, a nod to policy and regulatory measures, but certainly where cyber espionage can play an integral supportive role.

It is difficult and a mistake to separate Chinese cyber espionage activities that target private companies and defense contractors, for example, because both contribute to supporting China’s larger national security interests and strategic objectives. This explains why China’s cyber espionage apparatus is not always clandestine machine (although certain campaigns can be given the target, the importance, and the purpose) but a comprehensive one that adjusts to changing priorities.  This also explains why every sector and industry have been targeted by suspected or attributed Chinese state actors. If an economy is owned by the state and run by the state through primarily state-owned enterprises (SOE), it invariably follows that the execution of commercial cyber espionage for advantage is probably perceived as much of a national security imperative as other national security goals like military modernization.  Both serve the vital function of keeping the Chinese Communist Party in power and sustaining Chinese power, stature, and influence.

One article reported that the U.S. government has conceded that its cyber espionage activities are for its national security purposes, drawing a clear line between that and activities that are more akin to supporting the market share and influence of private companies.  While that is how the United States views the use of cyber operations, it does not represent the collective world position, and it should stop using that argument when trying to address China’s cyber program or insinuate that cyber espionage in one form is more acceptable than the other. This is a needless semantics argument and one that matters little given the increasing volume of hostile state-sponsored activity that is perpetuated globally by a variety of governments.

Recently, the United States confirmed its first cyber ambassador, an individual who in July chaired a meeting about confronting the reality of a fragmented Internet, or splinternet, governed by nation cyber sovereignty.  The meeting intimated that the dream of an open, secure global network not only has not been achieved, but also would unlikely ever to be realized. This sobering conclusion is an essential beginning point from which to approach cyber policy because the United States acknowledges the unvarnished realities of the world, a realization that will ideally translate into Washington’s willingness to work within those parameters with the understanding that United States may have to make its own concessions on cyber issues in favor of the betterment of the larger whole.

Similarly, the United States must abandon the “China is bad because it uses cyber espionage to support its economy” position.  Washington also needs to acknowledge that not every nation preserves its national security in the same way, and that cyber espionage is a vital means Beijing leverages to support its strategic goals.  Continued failure of establishing international enforceable norms and standards sustains an environment where there is no legal accountability for state actions, making rules of virtual engagement dependent on the state. If China believes cyber-enabled economic espionage is in its national security interests, then so be it.  By making that transparent and putting it on the table, Washington can now develop an appropriate engagement policy – whether that be combative, prohibitive, or cooperative, or a combination thereof – that can be translated across the political, economic, and military spectrums under a unform strategy.

Failure to acknowledge that cyber espionage is a key instrument that supports the three core areas of China’s national security risks continued misinterpretation of Beijing’s actions in cyberspace.  Theft of data on any level and in any sector supports the greater Chinese goal of rising. This may explain why U.S. responses and countermeasures have been ineffective thus far, as it selects where to draw hard lines against China, and where it does not. Like slaying the Hydra, cutting off some of the heads only allows other ones to emerge.  China’s cyber espionage program is what helps those other heads to grow.

Also See:

 

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency

Community

The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community