By N. C. Bipindra for EurAsian Times
Cyberspace is becoming the new battlefield where the United States (US) and Communist China are trying to outsmart each other. With the hindsight of cybersecurity vulnerabilities witnessed during the Russia–Ukraine conflict, the two sides are trying to secure their cyberspace with stringent legal measures and wargaming.
China has decided to strengthen its anti-espionage law by including, for the first time, cyberattacks by any spying agency or its surrogates as an act of espionage.
South China Morning Post reported on April 22, quoting Zang Tiewei, a spokesperson for China’s top legislature, that the amendments to the law were on the agenda of the meeting of the legislators slated next week.
New provisions on cyber espionage would be the focus of the changes to the anti-espionage law, said the spokesperson. This would be China’s third amendment to the counter-espionage law since August 2022.
In 2014, the anti-espionage law was put in place, and this legislation was considered to be among the “most potent tool” at the hands of the ruling Communist Party to crack down on alleged external interference as China locked horns with the US and its allies on almost all fronts, the report said.
In China, amendments to laws on national security rarely faced any hurdles in the legislatures before becoming the law of the land, with President Xi Jinping’s approval.
“The revision was expected to be endorsed at the second meeting of the Standing Committee of the 14th National People’s Congress (NPC), China’s top legislature, to be held from Monday to Wednesday,” said Zang Tiewei, spokesman for the NPC’s Legislative Affairs Committee.
Zang said the latest revision “improves the regulations on cyber espionage” and “clearly defines cyberattacks, intrusions, interference, control and destruction” by foreign spies as espionage activities.
US Businesses Asked To Wargame Cybersecurity
Both US and China are increasingly following a zero-tolerance attitude towards cyber breaches and cyber espionage on each other amidst a growing geopolitical battle on all fronts. Cyber espionage is gaining greater attention in both nations as the two sides try to go one-up on each other in cybersecurity.
The US has asked its corporates to wargame the fallout of a Chinese invasion of Taiwan on its cybersecurity, particularly if they have operations inside China or Taiwan. During the war between Russia and Ukraine, the United States found that most of its business entities operating in the two warring nations had had locals manning their cybersecurity wings.
“So, we had a lot of companies who had to endure hard decisions and take rapid action at the time of the invasion (by Russia of Ukraine). They had Russian or Ukrainian CIS admins, and they had to think about what privileges they wanted them to have,” Rob Joyce, Director of Cybersecurity at the US National Security Agency, told a talk show on April 11 in Washington DC.
“They (companies) had network segments in Russia or Ukraine, and they had to consider whether they severed or firewalled it. They had to think about whether they just pulled all the way out of their Russian businesses and what the implications were,” Joyce said. He said those with gained experience in the Russia-Ukraine conflict would need to do tabletop wargaming within their organizations on how cybersecurity would pan out if there is a Chinese invasion of Taiwan.
“…I think that’s a really hard problem. And you don’t want to start planning the week before an invasion when you’re starting to see the White House saying it’s coming, right? You want to be doing that now, buying down your risk and making those decisions in advance. And it’s really hard. So tabletop it and see where your pain points are,” Joyce suggested.
The National Security Agency cybersecurity director noted that all of America’s game-changing industrial advancements, whether material science, chemicals, or battery technology, had been targeted in the past. “If we have innovated it and have the state-of-the-art, you know, it’s been under pressure from China and others to pull that and steal and bypass the investments our companies are making to develop it.”
Formidable Threat In Cyberspace
A US Congressional report released in November said China’s focus on enhancing its cyber capabilities over the past decade “poses a formidable threat to the United States in cyberspace today.” That warning came following the US-China Economic and Security Review Commission’s assessment that Beijing’s trade practices necessitate closer scrutiny from lawmakers and the Biden administration.
The commission’s 2022 annual report to the US Congress has studied wide-ranging challenges to the American economy and national security, including China’s cyber warfare and espionage capabilities. The commission was formed in 2000, comprising both the Democrats and Republicans from the Senate and the House. It was mandated to report on “the national security implications of the economic relationship between the United States and the People’s Republic of China.”
The November 2022 report observed that China’s ambitions to become a “cyber superpower” gave it “an asymmetric advantage” over the US due to the ruling Communist party’s unscrupulous disregard for international rules of cyberspace. China’s reliance on cyber operations such as information warfare, cyber espionage, and control over cyberspace “pose a serious threat to the US government, business, and critical infrastructure networks in the new and highly competitive cyber domain,” the report said.
It noted with concern that Beijing had “achieved this transformation by reorganizing its cyber policymaking institutions, developing sophisticated offensive cyber capabilities and perpetrating cyber espionage to steal foreign intellectual property at industrial scale.”
Beijing’s cyber espionage operations and third-party compromise to infiltrate networks had been emboldened by its legislation that weaponized the country’s cybersecurity industry and research by requiring companies and researchers to submit all discovered software and hardware vulnerabilities to the Communist government before sharing with the vendors, who can plug the gaps.
In its recommendations to effectively fight China’s cyber operations, the commission asked the US Congress to legislate laws that designated entities, defense contractors, and research agencies to enhance efforts against cyber attacks. It also wanted the Department of Homeland Security to catalog Chinese-sourced surveillance equipment, first responder communication systems, and smart cities used by the American local governments and to implement plans to remove or replace such equipment to protect US interests.
In October 2022, Georgetown University’s Center for Security and Emerging Technologies found over 1,600 local governments in 49 US states to have purchased communications technologies and services from five Chinese companies that the federal government had banned between 2015 and 2021.
Cat And Mouse Game
Both the US and China have extensive capabilities in cyber espionage. They are known to engage in cyber operations targeting each other and other countries and entities worldwide. The US has accused China of cyber espionage against US government agencies, corporations, and other targets.
The US has also accused China of stealing intellectual property and other sensitive information from US companies through cyber espionage. In response, the US has taken several measures to outsmart China in cyber espionage, including implementing stronger cybersecurity measures, increasing funding for cybersecurity research and development, and increasing diplomatic pressure on China to stop engaging in cyber espionage activities.
On the other hand, China has also been accused of cyber espionage against the US and other countries. China has denied these allegations and has accused the US of engaging in cyber espionage activities against China.
To outsmart the US in cyber espionage, China has invested heavily in its cybersecurity capabilities, developing advanced hacking tools and techniques and building up its domestic technology industry to reduce its dependence on foreign technology.
“Both countries continue to engage in a complex game of cat and mouse in the realm of cyber espionage, with each side trying to stay one step ahead of the other,” a New Delhi-based strategic affairs and security analyst said, asking not to be named.
NOTE: Defence.Capital is available on Telegram. Please click here to subscribe
Categories: Chakraview, Cyber Security, Defence, Opinion, Terrorism, Top News
Leave a Reply