Politics Foreign Affairs Culture Fellows Program

China Is Winning the Cyberwar

Chances are your data has already been harvested by Chinese-backed hackers.

Cybercrime is on the rise. In fact, by 2025, the annual cost of cybercrime is predicted to be as high as $10.5 trillion globally. The cybercrime economy is now worth more than the German and Italian economies combined. The U.S. is the largest target for cyber-attacks in the world.

Many of these attacks are backed by the Chinese regime. According to experts, the danger posed by Chinese state-sponsored hacking has never been greater than it is today.

Richard Stiennon, chief research analyst at IT-Harvest, told me that “China is much more visible in their cyber-attacks” than the United States. Since Titan Rain, a series of coordinated attacks that targeted government agencies in the U.S. and U.K. that began in 2003, China has “been discovered infiltrating government and industry networks to steal data.” Stiennon added that Chinese hackers operate “with impunity, relying on plausible deniability, and lack of pushback to continue.” 

However, he argued the U.S. “is far more capable than China.” Why doesn’t the U.S. strike back? It does, he said, but it “has different targets,” namely, “military and political entities.” Of course, China has those very same kinds of targets, namely, the United States’ military and political entities. Chinese hackers have been stealing U.S. defense secrets for years. 

Make no mistake, China and the U.S. are engaged in a cyberwar. Although Stiennon stressed that the U.S. is capable of “handling itself,” it’s difficult to feel confident when one sees stories of Chinese state-sponsored hacking groups successfully infiltrating U.S. government agencies. 

Earlier this month, for example, the cybersecurity firm Mandiant published a report outlining how Chinese hackers have compromised, and continue to compromise, government agencies. Today, they said, data is the new oil. According to Mandiant, Chinese hackers have conducted “extensive reconnaissance and credential harvesting.” China has already stolen the data of 80 percent of American adults, which is more than 200 million people. Chances are, reader, your data has already been harvested by Chinese-backed hackers.

Cyber-attacks are not just becoming more common—they’re becoming more sophisticated. That’s bad news for the U.S., according to Glenn S. Gerstell, a senior advisor at the Center for Strategic and International Studies and the former general counsel of the NSA. The U.S., he said, is simply “not ready to defend as a country.”

Gerstell said that “cyberthreats are growing faster than our ability to adapt to them,” and suggested the U.S. “impose some kind of mandatory solution.” After all, the country’s national security is at stake, particularly with the internet-enabled vulnerability of hospitals, airports, roads, and banks. For far too long, Gerstell warned, the U.S. “has been reactive,” continuously side-stepping its cyber responsibilities. 

Last year, I discussed the dire state of the United States’ critical infrastructure and cyber capabilities. Since then, little has changed. What could be done? Sanctions are very much in vogue, so I asked Ian Bond, an expert in economic affairs, if the U.S. should sanction China for its cyber provocations. He said it depends: “Intrusions for espionage purposes [commercial or against the state] are annoying, but part of the normal business of states.”

Offensive action, on the other hand, such as “strikes that cripple critical national infrastructure, might rise to the level of an act of war if they cause casualties,” Bond added. However, “attribution is often difficult and can’t always be determined quickly,” if at all. “Like-for-like retaliation is unlikely, outside of a context where there is already a war going on. But a state attacked in this way in peacetime might, if it’s certain of the origin of the attack, impose sanctions.”

Gary Hafbauer, another expert on these issues, told me that cyber-attacks lie in a gray area between provocation and actual war. When it comes to hacking, he said, “reciprocity is called for.” Hafbauer said he wants the NSA to “hack back” to the best of its capabilities. But more bad news: In 2014, Chinese hackers hijacked an NSA hacking tool, and, according to WIRED magazine, they then proceeded to use this tool for years. Three years later, in 2017, NSA hackers were themselves hacked by bad actors. Even the NSA’s crème de la crème, it seems, struggle against Chinese-, Russian-, and Iranian-backed hackers.

Gerstell encouraged “all U.S businesses and state and local agencies to beef up their cybersecurity.” The future of cyberwar “will look a lot like electronic warfare does today,” he added. “All battles will have a second front as the opposing sides attempt to commandeer and disable the other’s from communicating, coordinating, targeting, and gathering surveillance imagery.” 

Is the U.S. prepared for that future? In truth, we don’t know. But China seems to be.

John Mac Ghlionn is a researcher and essayist. His work has been published by the likes of National ReviewNew York PostSouth China Morning Post, and the Sydney Morning Herald. He can be found on Twitter at @ghlionn.