China is not content anymore to merely influence its region. It aims to play a greater role on the international stage. In both ambitions, cyberspace and big data are a great help.
The Great Contender with Resentment
China has the world’s second-largest military budget with USD 228 billion spent in 2017.[1] It represents 13.4% of the world’s economy and, by 2026, it will overtake the US as the largest GDP.[2],[3] Its solid growth is combined with new policies to ensure a supply of raw materials, thus switching from a “made in China” policy to a “created in China” one, with innovation as a core principle and the defense of its economic and political interests abroad a key goal.
China’s aspirations of expansion and liberty of movement do not only come from its wish for global policy, but also from a past century of humiliation: 100 years etched in its collective mind as a terrible part of China’s history. Indeed, from 1840 to 1949, China knew defeats, occupations, and internal disorder: the two Opium Wars; unequal treaties favoring European powers; territorial losses (Korea, Mongolia, and Tibet); the Boxer rebellion; wars against France, Japan, and Russia; Japanese invasion; and a civilian war that ended up with the victory of the communist party and the escape of the nationalists (the Kuomintang party) to Taiwan.[4]
In the aftermath of this civilian war, Mao Zedong declared that it was the end of the century of humiliation. By picking up this resentment, Xi Jinping declared, in 2012, that he wanted to achieve the two centennial goals: build a prosperous society for the 100th anniversary of the Chinese Communist Party in 2021 and, more importantly, have a “fully developed, rich, and powerful”[5] nation for the 100th anniversary of the People’s Republic in 2049. Xi Jinping is on his way to become the second most important leader of the country after the greatest strategist Mao Zedong and to surpass the US in terms of global influence.
The Rise of the Renewed Pax Sinica
On top of its regional aspirations, China wishes to play a greater global leadership role, as seen in the latest Davos Forum (which Xi Jinping attended for the first time) and the latest Belt and Road Forum (which 30 world leaders attended).
During the 2017 G20 meeting in Hamburg, Xi Jinping introduced the concept of “the China Solution”[6], which he described as the support of “the common development of all countries, not just China’s own sphere of influence. It is meant to build not China’s own backyard garden, but a garden shared by all countries”[7]. This “China Solution” is represented by the Belt and Road Initiative (BRI), or the revival of the Silk Road, composed of mainly two corridors going from China to Europe: one by land through Central Asia, South Asia, and the Middle East, and the other by sea through the South China Sea, Bay of Bengal, and Red Sea.
In total, it will cover 65 countries, 60% of the world’s population, and will improve trade, finance, and infrastructures[8]. It is in accordance with the shift to a model based on high-value industries, services, and domestic consumption for a country that wants to ensure its imports and exports[9]. China is slowly trying to establish military bases along the waterways from China to Europe; in Djibouti to protect the Bab-al-Mandab Strait, in Pakistan for an easy reach to the Ormuz Strait, or in Myanmar’s Coco Islands for quicker access to the Strait of Malacca, the soon-to-be busiest waterway in the world[10]. Thus, it comes with no surprise that Beijing is developing a power projection capability with blue-water navy maritime force to protect the flow of raw materials and merchandises.
The New Regional Hegemon
The current US uncertainty towards Northeast and Southeast Asia is a great opportunity for China, which has been more hawkish in the last few years. Beijing invested massively to create a modern and flexible army; the military budget doubled in 10 years, the first aircraft carrier is now deployed (with a second one under construction), and next-generation aircraft are almost ready. All these efforts are possible thanks to cyber attacks and retro-engineering prowess and enable power projection to support an Anti-Access/Area Denial tactic [A2/AD] to protect its activities in the South China Sea (aka the Nine-Dash Line).
The People’s Republic of China (PRC) uses a mix of traditional (money) and cyber means (threat) to pressurize neighbors and protect its “strategic belt” (i.e. its coast, where most economic activities occur). In South East China, after a decade of cordial relations with some states through generous economic, commercial, infrastructural and cultural programs, the PRC shifted its approach and started to “flex its muscles”. In Malaysia, the President is concerned about debt issue and canceled a $22 billion worth project, such as the East Coast Rail Link (ECRL), which is part of China’s BRI.[11] In the Philippines, the hard talk round seems to be over and both countries are trying to resolve their maritime disputes; a meeting is scheduled before the end of the year between both leaders. [12] Furthermore, long-established allies of China, like Myanmar and Vietnam, are becoming more suspicious; a Chinese-backed dam project in Myanmar is at risk and in 2017, Vietnamese banks and airports were hacked allegedly by Chinese state-sponsored groups.[13]
Nevertheless, the lack of unity and capacity in the ASEAN will not stop China. ASEAN states can only sustain a low to medium intensity “gunboat diplomacy” even if the US deployed, to guarantee freedom of navigation, the USS Ronald Reagan aircraft carrier, in addition to the permanent carrier that belongs to the Navy’s 7th Fleet based in Japan (USS Carl Vinson).
Energy at Stake in Europe
Energy is fundamental for economic growth; it “is a massive generator of wealth”[14]. Energy is power and it ensures survival. As we see, the BRI poses a security dilemma for states surrounding the South China Sea over strategic waterways but not only. Indeed, in Europe, another issue is at stake. Although the BRI will “connect” Europe to China and ease trade and business with the Middle Kingdom, state-owned electric utility company State Grid Corporation of China is investing, mostly in mergers and acquisitions in Europe, just like Russian energy companies did in the 2000s and let to a divided European voice against Putin’s vision of the Russian reemergence.
At that time, generous oil and gas prices gave Moscow the ability to defend and expand its interests outside its borders. Through economical investment (like joint ventures, the purchase of shares, acquisitions of pipeline companies and refineries, etc.) in oil and gas companies, Russia increased its leverage. It created a grip and a decision capability in the heart of the European Union territory.
Similarly, in recent years, Europe has received record levels of Chinese inward investment, with minimal barriers to Chinese-led mergers and acquisitions. But now, Western nations are pushing through stronger measures to block foreign direct investment (FDI) and foreign takeovers of strategic economic assets, citing security concerns.[15] Recently, Germany, the UK, France, and Italy, took steps to introduce legislation, while the European Union looks to adopt an investment screening mechanism by the end of the year.[16]
The Chinese grand strategy will not be easy to implement, but it paves the way for a long-term vision for China to protect its own interests like former and current superpowers such as Spain, Great Britain, or the US. This century will be China’s and a renewed pax Sinica is slowly taking shape.
The Dragon’s Cyber Claws
China’s traditional hacking against the US, along with cyberspying, mostly targeted defense and aerospace companies for reverse engineering purposes, as seen in two major Advanced Persistent Threat (APT) campaigns dubbed “Titan Rain” and “Byzantine Hades” that enabled massive exfiltration of classified information. But one of the biggest data breaches allegedly attributed to China, against the Office of Personnel Management (OPM) in 2015, was probably
done to compile a database of 22.1 million US government employees for further use.[17] For the last three years, China has been especially aggressive on espionage and the 2017 killing or imprisoning of dozen of US sources in China might be related to the OPM breach.[18] Other explanations also incriminate a mole within the CIA or the crack of the encrypted method of communication between the CIA and its field assets.[19]
Nevertheless, since the 2015 US-China deal on electronic espionage, Chinese hacks dropped and their attacks are now particularly focused on critical infrastructure across Asia in India, Indonesia, the Philippines, Vietnam, Hong Kong, Japan, and Singapore.[20] All these countries are part of the BRI project or are related to political interests in Hong Kong and Japan. Beijing is probably trying to get entry points within governments and critical infrastructure to have better leverage in the medium and long term. The fear of cyber economic espionage, notably in Germany, the UK, and Australia, pushed similar “non-cyber attacks” deals.[21]
George Orwell 2020
Regarding its domestic policy, the communist party is obsessed with control. It tries to control citizens’ lives in every possible way to avoid liberty, protest, alternative thinking, initiative, or unpredictability. The PRC combines legislation and technological actions to censure and regulate the Internet domestically. For example, the new Cyber Security Law that came into effect in 2017 gives the Chinese government a greater oversight over the cyberspace architecture.[22] For example, in some parts of the law, the language is vague and imprecise, which could be invoked by the authorities for inspections, even into proprietary technologies or intellectual property, compromising business secrets and sensitive information.
On top of the “Great Firewall” that limits access to websites on the global Internet (like Facebook or Google) and the “Green Dam”, a software package installed on personal computers to monitor online activity, the government devised a new way to enforce obedience among the citizenry: Sesame Credit. The social credit system app collects data to measure how much the user follows the party line. For example, it collects big data about the user’s behavior on social media, travels, what is shared or posted, and a multitude of other data like shopping patterns.[23]
All behavior is related to points and an overall score is displayed. For example, if you purchase a foreign item, like Japanese manga, your score goes down. If you report news from a state media agency, it goes up. The higher the score, the better citizen you are. A good score rewards you with benefits: find new accommodation in a good neighborhood, make it easier to get a loan, be able to enroll your child in a highly rated school, have online discounts or avoid queues for administrative documents.
It goes even further. Because it is based on social media, the app scans your network and, if you have friends with low scores, it will downgrade yours. That is the strongest point of this app: the government does not really need to intervene because social pressure will do the job. There are no consequences yet for a low score, but rumors say that they could come by 2020 when the app should be highly recommended to download. These consequences may be slower Internet speed or restriction from certain job applications.
Days of Future Past
Currently, China is already the biggest cyber market in the world with more than 730 million Internet users, mostly on mobile phones.[24] Its tech companies, such as Baidu, Alibaba, and Tencent (aka BAT), even if relatively unknown on the global market, are economic giants.[25] These companies are growing, investing abroad (transport, automobiles, e-commerce, online services), and supporting the international government’s policy.
Assisted by big data, the rise of BAT and the imposition of domestically built technologies in its strategic sectors like banking or energy, the Middle Kingdom is able to sustain its mixed model of an authoritarian system coupled with economic growth. With this patriotic sense of belonging, the government tries to avoid the affirmation of the newly established middle class that could also wish for more liberty and democracy. Moreover, the rest of the world has less and less room for manoeuver regarding Beijing schemes, as seen with the disappearing of Interpol’s ex-president Meng Hongwei or the situation with the Muslim minority in Xinjiang. Xi Jinping is the Chinese leader who has centralized most power since Den Xiaoping and he will continue this way after having been reelected during the 19th National Congress in October of last year.
About the Author
Julien Chesaux is a Cyber Security Consultant at Kudelski Security, a Swiss and American cybersecurity company. Julien mainly works on cybersecurity, information security, and geopolitics analysis in order to help clients to find solutions regarding their threats. He is also a mediator and writer for the Swiss Think Tank Foraus and the co-founder of the www.stralysis.com. He has worked in diplomacy and cyber security for seven years in Switzerland, Australia, and France. His main research interests are Global Security, Cyber Geopolitics, and International Affairs.LinkedIn profile: www.linkedin.com/in/julien-chesaux-65279456
;
We are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.