In recent years, China has made China Strategic Intelligence a cornerstone of its national security policy. By 2021, Chinese expenditure on cybersecurity had reached $11.8 billion, reflecting an annual growth rate of 26% over the past five years, according to a report by International Data Corporation (IDC). This investment signifies China’s commitment to advancing its cyber capabilities, not only to defend against external threats but also to enhance its own offensive cyber operations.
China’s approach to cybersecurity isn’t solely about defensive measures; it is deeply intertwined with its strategy to attain technological dominance. The Middle Kingdom’s cyber capabilities are often deployed in intricate, largescale cyber-espionage campaigns, targeting intellectual property, trade secrets, and even military intelligence. For example, the 2014 cyberattack on the U.S. Office of Personnel Management, which compromised the personal data of 22 million current and former federal employees, was attributed to Chinese state-sponsored hackers. This case alone highlights the extent to which China is willing to go to gather strategic intelligence.
“Those who control information, control the world,” a famous quote by business magnate Bill Gates, succinctly captures the underlying philosophy driving China’s cyber strategy. The country’s objective is not merely to gather intelligence but to exert influence and control on a global scale. Reports suggest that China’s cyber activities are not restricted to major powers but also extend to developing nations where Chinese enterprises have significant investments. For instance, in 2019, China’s cyber-reconnaissance efforts were detected in several African countries where China has invested billions in infrastructure projects.
Quantifying the effectiveness of these cyber endeavors can be challenging. However, statistics show a dramatic increase in the volume of cyber attacks originating from China, targeting a diverse range of industries, from healthcare to aerospace. The operational efficiency of Chinese cyber units stands as a testament to their well-planned and methodically executed strategies. Over 50% of the cyber incidents in the energy sector in 2020 were attributed to Chinese threat actors, highlighting a focus on critical infrastructure.
While the government drives much of China’s cyber strategy, the private sector also plays an integral role. Companies like Huawei and Tencent aren’t just tech giants; they are key players in the national cybersecurity apparatus. The Chinese government mandates that these firms collaborate on cybersecurity initiatives, thus creating a symbiotic relationship between state and industry. The “Great Firewall” of China is an exemplary product of this collaboration, which not only filters and monitors internet traffic but also acts as a vast database for national intelligence.
The cost factor is another crucial element in understanding China’s cyber strategy. Deploying large-scale cyber operations is not cheap, and the Chinese government allocates substantial budgets to sustain these activities. For instance, the budget for the Ministry of State Security, which oversees much of the country’s cyber-espionage efforts, was reportedly around ¥140 billion ($20.3 billion) in 2021. This financial commitment underscores the importance Beijing places on cybersecurity as part of its national defense strategy.
“Cybersecurity is not just a tech issue, but a geopolitical issue,” said former NSA head General Keith Alexander. This statement rings especially true in the context of China, where state and non-state actors blur the lines to achieve geopolitical objectives. Chinese cyber units often operate under the guise of civilian researchers or business entities, complicating attribution and response efforts by targeted nations. This modus operandi can be seen in instances like the 2015 breach of US health insurer Anthem, where Chinese hackers stole records of nearly 80 million individuals, causing a direct financial impact of approximately $100 million for Anthem.
Data from cybersecurity firm FireEye indicates that Chinese cyber-espionage groups exhibited a 40% increase in both frequency and sophistication of their attacks from 2016 to 2020. This evolution manifests in the shift from simple phishing scams to multi-layered attacks involving advanced persistent threats (APTs) that persist within networks undetected for months. For example, the APT10 group, also known as Stone Panda, has been highly active in targeting managed IT service providers to indirectly infiltrate the networks of their clients around the globe.
The ideological underpinning of China’s cyber ambitions is rooted in its vision of rejuvenating the Chinese nation. According to Xi Jinping, “Cyberspace is the new battlefield for national sovereignty.” This guiding principle is reflected in the extensive measures China undertakes to secure and expand its influence in cyberspace. The National Cyber Security Strategy introduced in 2016 outlines objectives that span from enhancing cybersecurity governance to promoting international cyber cooperation, clearly indicating a holistic approach.
Beyond government initiatives, public awareness and education in cybersecurity are also gaining momentum. A growing number of Chinese universities now offer specialized programs in cybersecurity, aiming to produce an estimated 1.4 million cybersecurity professionals by 2025 to meet both civil and military needs. Cyber competitions like the Tianfu Cup, which awards top-tier rewards of up to ¥1 million ($145,000) for successful exploits, further encourage the development of domestic cyber talent.
China’s strategic intelligence operations are meticulously designed to gather critical information and disrupt the operations of its adversaries. Using sophisticated malware and zero-day exploits, Chinese cyber units have successfully infiltrated key infrastructures globally. For instance, the Operation Cloud Hopper campaign targeted multinational IT firms, gaining access to sensitive information from numerous Western corporations, illustrating the scale and ambition of China’s cyber-espionage activities.