Dragon’s Fireballs in Cyberspace

Whichever domain humans have stepped into, whether land, water, air, or even space, they have brought with them one thing: conflict. This has led to the militarization of these domains (though to a lesser extent in some than in others) throughout the history of mankind. The same holds for a newer, emerging domain like cyberspace, which humans themselves have created. This new kind of warfare lets a state or non-state actor inflict damage upon an adversary without firing a bullet, moving a tank behind enemy lines, gaining air superiority, or enforcing a naval blockade. This next-gen warfare starts with the click of a button from a remote location, which can be concealed by forging not real-world latitude-longitude addresses but IP addresses. It is an unseen and invisible battlefield. Cyber power is the active deployment of one's capabilities and intent to achieve certain objectives in pursuit of national security goals.

What is Cyber Warfare?

Richard A. Clarke, former US National Coordinator for Security, Infrastructure Protection, and Counter-terrorism, defines cyber warfare as “actions by nation-states to penetrate another nation's computers or networks for the purposes of causing damage or disruption.” (Clarke 2010)

Thomas Rid, in his book Cyber War Will Not Take Place, argues that cyber attacks can be understood in three dimensions: sabotage, espionage, and subversion. He explains that war in the conventional sense is a political instrument of violent character. He further explains that not a single human being has been killed or hurt due to cyber attacks. He is fairly correct in his definition, but his proposition that no human being has been hurt or killed in a cyber attack seems questionable.

Say, some state or a non-state cyber group launches an attack on an electricity grid or a stock exchange due to which a patient in a hospital gets affected or a trader loses money due to volatility and commits suicide. In such a situation, to whom should we attribute these material and non-material losses? That same cyber attack? The answer is in the affirmative.

Cyberwarfare is a conflict between two or more countries in the virtual world over the internet. Generally, it is associated with attacks by one nation-state against another. But increasingly, non-state actors like terrorist organizations or anonymous hacker groups are using these means to raise the cost of conflict for their enemy in asymmetrical warfare.

Cyber attacks are low-intensity conflicts and “non-military” in the conventional sense. Also, since it is difficult to trace an attack to one state or non-state entity, retribution is difficult and hence there is very little or virtually no deterrence.

Cyber-physical system capabilities have today become an important aspect of national power which, if not taken care of, can have dire consequences across economic and strategic domains. Cyberwarfare has added newer dimensions to warfare. Cyberattacks do not adhere to the traditions of Just War (jus in bello): there is no line between combatants and non-combatants, or between state and private entities. Private entities unrelated to the state often become casualties in a cyber attack. To sum up, cyberspace has emerged as a new domain of statecraft and competition that cannot be and should not be neglected by states.

China’s capabilities

Though China was late in the field of cyber capabilities, it has caught up with other major powers like the USA and Russia in an impressive manner over the last decades. With its pockets getting deeper and bigger, China has invested heavily in building its cyber force and creating off-the-books anonymous groups to inflict wounds on its adversaries.

In the 2015 Defense White Paper, the Chinese highlighted that the PLA must develop capabilities to fight ‘informationised local warfare.’ The report also stated that “integrated combat forces should be employed in system v/s system operations featuring information dominance, precision strikes, and joint operations” so that they can gear up for modern warfare. China in its 2019 Defense White Paper said “to safeguard China’s security interest in outer space, electromagnetic space, and cyberspace” is one of the “fundamental goals of China’s national defense in the new era.” (The State Council Information Office of the People’s Republic of China)

According to the IISS The Military Balance 2022, “Outside formal command structures, PLA also uses ‘cyber militias’ mainly for defensive missions and to improve civil-military cooperation.” (The International Institute for Strategic Studies (IISS)) The report further states that the PLA has integrated offensive cyber capabilities into its military exercises. China in its 2015 Military Strategy has made it clear that it wants to become a world leader in these technologies by 2035. Other departments that look into the domain of cyber warfare are the PLA 3rd Department and the PLA 4th Department. China is even known to use its private enterprises like ZTE and Huawei to conduct operations for the state.

The Director of National Intelligence, USA, in their “Annual Threat Assessment” states that “China presents the broadest, most active, and persistent cyber espionage threat to US government and private sector networks.” The report further states that “China almost certainly is capable of launching cyber attacks that would disrupt critical infrastructure services within the USA.” (Director of National Intelligence)

The continuous and unchecked build-up of Chinese cyber power has led to cyber attacks attributed to Chinese entities left, right and center. The Chinese have been attacking India’s critical infrastructure for a long time now. Some of the recent cyberattacks on India’s critical infrastructure are the attacks on the Mumbai Electricity Grid (2021), the Ladakh Electricity Grid (April 2022), and AIIMS, Delhi (November 2022). The attacks may have been only a dry run to search for weaknesses in India’s cyber-defense and then prepare for future attacks when the two states are in a conflictual situation at the borders. The Government of India (GoI) has admitted that the Mumbai power outage was due to a human error but there was indeed a slew of cyber attacks in that period. Then in Ladakh, the Chinese attacked through the use of “compromised IPs” of South Korea and Taiwan, using malware named ShadowPad deployed by a hacker group named Threat Activity Group (TAG) - 38. In the attack at AIIMS, Delhi, the personal health data of millions of patients, including VVIPs coming there for treatment, was compromised.

In 2021, there were attacks on the UIDAI database which were executed through the use of the malware Winnti, which is deployed by Advanced Persistent Threat (APT) groups that are allegedly state-sponsored. Also, when COVID-19 was raging in India, in March 2021, the Chinese attacked vaccine manufacturing units, again using APT-10, also known as Stone Panda, which identified vulnerabilities in the IT infrastructure of vaccine manufacturers.

These attacks reveal the vulnerability of Indian critical infrastructure as well as show that China may be taking these attacks as “mock drills” and collecting as much cyber intelligence about the Indian system as possible to launch a disastrous attack on some other date and time of their own choice.

The Chinese have also attacked the USA with their arsenal of malware and viruses and have stolen important military secrets like the design of the Patriot missile system, along with information on aircraft, ships, and helicopters, the likes of the F/A-18, the V-22 Osprey and the Navy’s Littoral Combat Ship. This information will surely give China an advantage in times of conflict.

Hence the menace of Chinese cyber espionage is fast spreading and like-minded nations must come together to fight this menace and find China’s vulnerabilities and attack them to weaken Chinese capabilities and create deterrence.

China’s core cyber defenses remain weak; it is constantly upgrading its systems, building command structure organizations, and focusing on raising a large workforce of professionals indigenously. For this, China established the National Cybersecurity Centre, which has yielded some results, but a lot more needs to be done on the defensive side as China relies heavily on US companies for core technology solutions. In the last decade, China has conducted several operations abroad to acquire intellectual property, gain political influence, carry out espionage, destroy the enemy's critical infrastructure, and build capabilities for creating disruptive effects in case of potential future conflicts.

The rapid development of a cyber force has helped China achieve a nascent level of ‘concurrency’ where it can simultaneously launch attacks in all domains of warfare, viz. land, air, water, space, and cyber. Apart from this, its increasing cyber warfare capabilities have enabled China to move into a more sophisticated sub-domain of the world of cyber systems, i.e. information warfare. Today China can not only control the minds of its own people, but through information warfare it can wear down the morale of the enemy. They are masters at propaganda just like Goebbels of Hitler’s Germany was. They can confuse the enemy through misinformation and disinformation campaigns while at the same time denying the enemy space in their own systems through a ‘Red Firewall’ that safeguards their citizens from the counter-offensive.

Responses to the Threat

It is high time that countries like India, which are facing the heat of the dragon, invest heavily in building both cyber defense architecture (to defend critical infrastructure from attacks) as well as cyber offensive capabilities (to create deterrence). The need is for a ‘whole-of-government’ approach with legislative, institutional as well as technological upgrades to fight an upcoming challenge.

The Data Protection Law is still in limbo and the IT Act seems to be inadequate to legally challenge the adversary. India must also upgrade its National Cyber Security Policy, which was last updated in 2013. On the institutional front, a National Cyber Security Coordinator has been established under the National Security Council Secretariat to coordinate among different agencies. The National Critical Information Infrastructure Protection Centre (NCIIPC) has also been established to look after the protection of CI in India. CERT-In issues advisories and alerts on current threats. But these organizations must be given more resources given the threat perception and the challenge it poses.

Of late, India has adopted an “offensive defense” doctrine in its military domain. Such an approach must be replicated in the cyber domain and costs must be imposed on those who attack India. India must focus on filling the holes in its firewall by doing probable wargame exercises in the cyber domain. India must leverage its advantage of having a large skilled workforce in the IT domain to build a world-class infrastructure. All one needs is a robust guiding policy and the will to implement it.

This next-gen warfare, though silent, can inflict deep wounds on a nation’s economy, destabilize the political system and disrupt the social fabric of the country. The Dragon is flexing its capabilities, hence we must brace to defend ourselves.

Pic Courtesy- Shahadat Rahman at unsplash.com

(The views expressed are those of the author and do not represent views of CESCUBE.)