China’s Cyberwarfare Goals Described in US Report; FCC Blocks China Mobile Entry into US Market

Telecoms and technology play an important role in China’s military strategy, according to a new report by the US Department of Defense. The report, entitled Annual Report to Congress: Military and Security Developments Involving the People’s Republic of China 2019, describes in detail the military and security developments that the Chinese are pursuing in order to further their power locally and internationally.

The report addresses the current and probable future course of military-technological development of the People’s Liberation Army and the aims and objectives of Chinese security strategy and military strategy, and of the military organizations and operational concepts supporting such development over the next 20 years.

Some of the key findings include:

  • In 2018, China’s leaders continued to advance an ambitious agenda of military modernization while pursuing economic growth and improving technological strength.
  • China’s leaders increasingly see the United States as adopting a more confrontational approach in an attempt to contain China’s rise.
  • Recognizing that programs such as “Made in China 2025” and the “One Belt, One Road” Initiative (OBOR) have sparked concerns about China’s intentions, China’s leaders have softened their rhetoric when promoting these programs without altering the programs’ fundamental strategic goals.

The report highlights how China’s private telcos and equipment makers are using technology to expand into overseas markets:

China’s private sector, led by Internet companies Baidu, Alibaba, and Tencent (BATs) and telecommunications equipment manufacturers Huawei and ZTE, is driving the development of emerging technologies, such as facial recognition and 5G, by establishing innovation centers and funding technology startups, or in the case of 5G, competing to build the world’s next-generation networks. Chinese technology companies are also expanding into overseas markets, in some cases, by offering smart-city technologies, a development that could increase their access to foreign talent and data.

It discusses the role of Chinese companies in intelligence work:

The 2017 National Intelligence Law requires Chinese companies, such as Huawei and ZTE, to support, provide assistance, and cooperate in China’s national intelligence work, wherever they operate.

The report claims China is using technology to access sensitive information and degrade US technology:

China’s military modernization also targets capabilities with the potential to degrade core U.S. operational and technological advantages. China uses a variety of methods to acquire foreign military and dual-use technologies, including targeted foreign direct investment, cyber theft, and exploitation of private Chinese nationals’ access to these technologies, as well as harnessing its intelligence services, computer intrusions, and other illicit approaches. In 2018, Chinese efforts to acquire sensitive, dual-use, or military-grade equipment from the United States included dynamic random access memory, aviation technologies, and antisubmarine warfare technologies.

It also highlights how China is targeting foreign technology:

China obtains foreign technology through imports, foreign direct investment, the establishment of foreign research and development (R&D) centers, joint ventures, research and academic partnerships, talent recruitment, and industrial and cyberespionage. In December 2018, two Chinese nationals were indicted for conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft. The Chinese nationals worked for a company in China called Huaying Haitai Science and Technology Development Company and acted in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau. Through their involvement with a hacking group operating in China known as Advanced Persistent Threat 10 (APT10), the Chinese nationals conducted global campaigns of computer intrusions targeting intellectual property and confidential business and technological information at managed service providers. The APT10 group stole hundreds of gigabytes of sensitive data and targeted the computers of victim companies involved in aviation, space and satellite technology, manufacturing technology, pharmaceutical technology, oil and gas exploration and production technology, communications technology, computer processor technology, and maritime technology.

It also discusses China’s strategy to use technology to deter military threats:

PLA researchers believe that building strong cyber capabilities are necessary to protect Chinese networks and advocate seizing “cyberspace superiority” by using offensive cyber operations to deter or degrade an adversary’s ability to conduct military operations against China.

The risks posed by Chinese control of telecoms networks were also highlighted by the US comms regulator recently. In a speech given at the Prague 5G Security Conference, Federal Communications Commission (FCC) Chair Ajit Pai stated that they would be barring China Mobile from providing services on the grounds of national security.

…the FCC will vote next week to reject China Mobile’s petition to provide international telecommunications services in the United States. This decision comes after a lengthy Executive Branch review of the application and consultation with the U.S. intelligence community, which concluded China Mobile posed substantial national security and law enforcement concerns that could not be adequately mitigated.

Pai asked the international community to consider the long-term implications of 5G purchasing decisions.

Stepping back and looking at the bigger picture, we believe that 5G security issues need to be addressed upfront. Making the right choices when deployment is beginning is much easier than trying to correct mistakes once network construction and operation is well underway. Moreover, decisions that impact 5G security need to be made with the long term in mind. Focusing too heavily on short-term considerations could result in choices that are pennywise but pound foolish.

I will put it plainly: when it comes to 5G, we cannot afford to make risky choices and just hope for the best. We must see clearly the threats to the security of our networks and act to address them. And the more that the nations represented at this conference can work together and make security decisions based on shared principles, the safer that our 5G networks will be.

Meanwhile, the Head of GCHQ, the UK’s electronic intelligence and security agency, wants the country to have a whole-of-nation, automated cyber defence system. He is calling for a “genuinely national effort” to help improve the UK’s cyber security and asking for continued and increasing collaboration between government, academia and industry partners in the UK and abroad.

You can find the complete US Department of Defense report to Congress about China’s security strategy by looking here.

Marianne Curphey
Marianne Curphey
Marianne Curphey is an award-winning freelance writer, blogger and columnist. She is a former Editor of Guardian Money online, City News Editor of The Guardian, Insurance Correspondent of The Times and Deputy Personal Finance Editor at The Times.