My name is Dean Cheng. I am a non-resident Senior Fellow at the Potomac Institute for Policy Studies, and a Senior Adviser with the United States Institute of peace. The views I express in this testimony are my own, and should not be construed as representing any official position of either the Potomac Institute or the United States Institute of Peace.

Chinese View of Information

Over the past half century, the leadership of the People’s Republic of China (PRC) has increasingly emphasized the importance of information as it relates to national economic development and national security. Beginning in the 1970s, the proliferation of microelectronics, computers, and telecommunications technology has accelerated the ability to gather, store, manage, and transmit information. From the perspective of the Chinese Communist Party (CCP) leadership, information technology, including computers and telecommunications systems, have permeated all aspects of society and economies and become an integral part of a nation’s infrastructure. Chinese analysts have dubbed this process “informationization (xinxihua; 信息化),” and see the world as shifting from the Industrial Age to the Information Age.

From the Chinese perspective, Informationization is a comprehensive system of systems, where the broad use of information technology is the guide, where information resources are the core, where information networks are the foundation, where information industry is the support, where information talent is a key factor, where laws, policies, and standards are the safeguard.

In the face of this broad trend of economic, political, and social informationization, Chinese analysts have concluded that national economic development requires greater integration of information technologies into all aspects of the economy, while defending against threats to PRC national interests and security also must become informationized.

Economic development in the Information Age is built upon accessing, exploiting as well as analyzing and transmitting information. While manufacturing, transportation, and other traditional industries remain an essential part of a nation’s strength, even those are increasingly digitized, whether in terms of the designs that they are producing or the electronic controls that govern the manufacturing equipment and power networks that sustain them. Information technology therefore permeates all aspects of the nation’s economy, indirectly as well as directly.

The spread of information technology similarly means that potential adversaries have unprecedented access to each others’ national economy, as well as the broader population and the top decision-makers. Just as the bomber and ICBM allows an opponent to directly strike a nation without having to first break through ground or naval defenses, information technology similarly outflanks traditional military forces. The proliferation of information technology into society and economics makes a nation broadly vulnerable to a range of new pressures and threats.

These threats extend beyond information networks (e.g., vulnerability to denial-of-service attacks) and component computers (e.g., computer viruses, malware). Instead, the very information itself can constitute a threat, if, for example, its content erodes the morale of key decision-makers, popular support for a conflict, or the will of the military to fight. Consequently, China’s interpretation of its national interests has expanded, in step with the expanding impact of information writ large on China.

More recent advances in information technology, including artificial intelligence and machine learning, the Internet of Things (IoT), big data and cloud computing, have further underscored the growing reach and capability of those able to exploit information networks through network warfare and cyber operations. These advances also affect both economic and security calculations.

PRC Employment of Network and Cyber Operations

Because of the growth of interconnectivity, the CCP is able to exploit its network and cyber capabilities for both economic and national security gains.

In the military and security context, PRC network and cyber operations are an integral part of intelligence gathering, just as they are for most other nations, including the United States. Undertaking such efforts is an essential part of the PLA’s broader efforts to establish “information dominance,” which PLA analysts view as an essential prerequisite to fighting and winning future conflicts. Because of the need to be able to rapidly exploit information more effectively than an adversary in wartime, it is necessary to undertake cyber and electronic reconnaissance of adversaries in peacetime. This includes not only amassing electronic signatures of enemy communications and weapons systems, but also surveying their networks, understanding their organization, and constructing the ability to attack those systems and defend against counter- attacks.

To this end, the Chinese People’s Liberation Army (PLA) created a new service, the PLA Strategic Support Force (PLASSF), in the massive restructuring and reorganization announced on December 31, 2015. The PLASSF brings together China’s electronic warfare (EW), network and cyber warfare, and space warfare forces into a single entity. As all of these elements are linked to the gathering, exploitation, and transmission of information, the PLASSF is very much China’s “information warfare force.”

Of special importance here is the Network Systems Department (NSD) of the PLASSF. This component of the PLASSF incorporates element of what had previously been part of the PLA General Staff Department’s 3rd Department, which had been responsible for a variety of cyber espionage activities. This includes the infamous Unit 61398, named in a 2013 Mandiant report and the first PLA unit publicly identified as a hacker force.

The existence of Unit 61398 as a PLA unit also highlights a fundamental difference between Chinese and Western execution of cyber economic espionage. There are few reports of Western intelligence or military forces being tasked with economic espionage. By contrast, the PLA is part of a vast network of Chinese cyber forces that undertake economic as well as national security espionage. Five members of Unit 61398, for example, were indicted by the US Department of Justice for various cyber economic espionage activities over the period 2006-2014, including attacks on Alcoa, Allegheny Technologies Inc., and Westinghouse.

As the Office of the Director of National Intelligence noted in their 2023 threat assessment, “China probably currently represents the broadest, most active, and persistent cyber espionage threat to U.S. Government and private-sector networks.” Similarly, FBI Director Christopher Wray observed in 2020 that Chinese espionage efforts are not just targeting defense sector companies. The Chinese have targeted companies producing everything from proprietary rice and corn seeds to software for wind turbines to high-end medical devices. And they’re not just targeting innovation and R&D. They’re going after cost and pricing information, internal strategy documents, bulk PII—anything that can give them a competitive advantage.

These efforts in turn incorporate both military and civilian, governmental and non-governmental elements, such that they outnumber the FBI’s cyber staff by 50 to 1.

Targeting the U.S. Department of the Interior for Network Attacks

Given the roles and responsibilities of the United States Department of the Interior (DOI), at least some of this massive array of cyber and network attackers are likely targeted at the DOI. For example, the DOI has oversight of US public lands, including drilling and mining rights. Within this purview is oversight of development of leasable minerals, such as oil, natural gas, coal, phosphate, potassium, and sodium, as well as locatable (or hardrock) minerals, such as gold, silver, copper, and gemstones. Such resources are clearly of economic importance.

As important, the United States government has identified an array of 35 critical minerals vital to national economic security, including cobalt, fluorspar, and niobium. Until recently, there have been no surveys of public lands to determine how much, if any, of these critical minerals might be present. Under President Biden’s Executive Order 14017, however, the DOI is encouraged to have the US Geological Survey, along with the Bureau of Land Management and the Department of Agriculture’s US Forest Service, begin such surveys. For the PRC, accessing the results would provide useful insight into American reserves and potential production capacity for these critical minerals.

Similarly, the DOI has oversight over leasing of both onshore and offshore sites for oil drilling. Knowing the location of potential new energy reserves, including offshore sites, would be strategically valuable, as it could help the Chinese determine which companies, in turn, to monitor and even penetrate through cyber and other means. As important, sites that are tapped will require the construction of substantial networks of pipelines and other infrastructure to extract and move those resources. As a 2021 Joint Cybersecurity Advisory, coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), noted, state- sponsored Chinese actors have repeatedly targeted U.S. oil and natural gas (ONG) pipeline companies in the past.

ONG companies may have their operating software attacked. Alternatively, as with the May 2021 Colonial Pipeline incident, the companies may be targeted for ransomware attacks, where the data is made inaccessible (but is not destroyed). Although Colonial Pipeline’s networks moved oil from refineries to customers, other parts of the overall energy supply chain, including from fields to refineries, could also be targeted.

Finally, as the DOI is part of the overall US government bureaucracy, it offers potential access to a range of systems not necessarily related to its purview. The DOI, for example, housed the data center for the Office of Personnel Management (OPM). This was the center that was accessed when OPM was hacked in 2015, exposing the records of some 4 million current and former federal employees. Notably, hearings into the hack indicated that DOI had some 3000 “critical and high risk vulnerabilities.”

Oversight of Pacific Island States

Another reason for concern about Chinese network attacks and cyber intrusions into the Department of the Interior is that the Department is responsible for overseeing US relations with several of the microstates of the central Pacific. One example is the Republic of the Marshall Islands (RMI), an independent nation tied to the United States by a Compact of Free Association. It comprises 5 islands and 29 atolls, with a population of some 58,000 people. While only possessing some 70 square miles of dry land, these islands and atolls are spread across 750,000 square miles of central Pacific territory. As such, they straddle waters that link the American west coast with the east Asian littoral.

This strategic position was made clear during the Second World War, when U.S. forces “island hopped” through the Marshall islands, on their way to the Marianas and eventually to Japan. Indeed, the battles for Kwajalein and Eniwetok provided invaluable experience for later battles on Guam, Iwo Jima, and Okinawa.

In the wake of the Second World War, the United States was granted trusteeship over various central Pacific territories, including the Marshall Islands. The Republic of the Marshall Islands (RMI) gained its independence in 1986. Under the original and subsequently amended Compact of Free Association (CFA), RMI citizens can work, live, and study in the United States, as non- immigrants. As of 2019, there were some 27,000 Marshallese in the United States, a substantial portion of the RMI population.

In addition, under the terms of the CFA, the United States provides RMI with economic support and aid. The United States provides RMI with some $70 million annually in various forms. This includes a jointly managed trust fund. US government agencies and offices, such as the Federal Communications Commission and US Postal Service, also provide services to the Marshall Islands. This aid is scheduled to end when the current amended Compact expires in 2023.

In exchange, the United States is granted exclusive and full authority to RMI lands and waterways for security and defense purposes, although RMI is free to conduct its own foreign relations. A key element of both economic and security ties is the leasing of land and lagoon space to the U.S. Army on Kwajalein atoll under the Military Use and Operating Rights Agreement. The missile and space facilities there are the second largest employer in the RMI.

RMI’s Role in American Defense Efforts

Throughout the post-war period, the Marshall Islands have played an important role in America’s defense, especially in the context of nuclear deterrence.

In the immediate post-war period, the United States conducted an array of nuclear tests in the Marshall Islands. The 67 nuclear tests conducted there between 1946 and 1958 included Castle Bravo, the largest American nuclear test involving a 15 megaton device. It is worth noting that this test was nonetheless dwarfed by four Soviet tests, which ranged from 20-50 megatons.

With the Limited Test Ban Treaty of 1963, which effectively banned above-ground nuclear tests, the islands have no longer been rocked by nuclear explosions. RMI has continued to play an important role, however, in maintaining America’s nuclear deterrent posture. Especially important has been the role of Kwajalein and the Ronald Reagan Ballistic Missile Defense Test Site (RTS).

The RTS provides key support to US defense efforts in several ways. The credibility of the American nuclear deterrent is sustained through a program of regular tests of Minuteman III missiles. As recently as August of 2021, the US fired a Minuteman III with a Hi Fidelity Joint Test Assembly re-entry vehicle onboard towards Kwajalein. Such tests demonstrate to all observers, including America’s adversaries, the continuing functionality and reliability of the American nuclear deterrent. This is becoming an ever more pressing issue due to the aging of the Minuteman III, first introduced in the 1960s. The fact that these test shots cover some 4200 miles further enhances the credibility of the American deterrent. Russian ICBM tests from the Plesetsk Kosmodrome to the Kura test range in Kamchatka cover some 3800 miles. Longer test flights provide more opportunity for measurements of flight characteristics.

Moreover, given the size of the Kwajalein lagoon (which is one of the largest in the world at over 600 square miles), one can target warheads and dummy payloads into it, and thereby prevent their recovery by other actors. In 2016, Chinese sailors seized an American unmanned underwater vehicle (UUV) from international waters. There should be little doubt that the Chinese, among others, would very much like an opportunity to examine a dummy US nuclear warhead.

The facilities at Kwajalein also support missile defense efforts. The various radars and facilities provide American missile defense planners and engineers with data to help improve missile interception capability. This is of growing concern, as both Russia and China modernize their own nuclear arsenals.

Nor are missile defenses only relevant to the nuclear side of the deterrence equation. The PRC, for example, has deployed anti-ship ballistic missiles, such as the DF-21 and DF-26. Both of these are clearly intended to neutralize American aircraft carriers and other maritime strategic platforms. Missile defenses would degrade Chinese confidence that they can sink or damage American carriers, which in turn would help deter China from using force against various neighbors, from Japan to Taiwan to the Philippines.

In November 2020, an American SM-3 Block IIA missile successfully intercepted an ICBM-type missile, launched from Kwajalein. This was the first time that the SM-3, which can be deployed aboard an AEGIS-equipped destroyer or cruiser, had destroyed such a target. This radically improves not only American deterrence, but that of any allied nation that has comparable AEGIS- type systems in their fleet. The SM-3 is already part of the Phased Adaptive Approach for NATO defense against Russian missile threats. It is deployed in the ground-based site in Rumania, and will be deployed to the site currently under construction in Poland. Meanwhile, Japan has chosen to rely on its fleet of AEGIS destroyers to provide missile defense for the Home Islands, against North Korean and Chinese threats. The success of the SM-3 Block IIA test means that this key US ally will be more secure in coming years. The facilities in the Marshall Islands have played a key role in improving American and allied security.

Finally, the facilities in the RMI, including on Kwajalein, play a central role in space surveillance. The United States Space Force currently tracks some 26,000 objects in space. Because of the high speed of objects in orbit, even a bolt or a screw can do enormous damage to the International Space Station or an orbiting satellite. The recently built Space Fence on Kwajalein provides the Space Force with the ability to monitor objects as small as a marble.

This capability is of growing importance as America’s competitors and adversaries develop ever more capable space systems, many of which are believed to be anti-satellite systems. The Russians, for example, have deployed sub-satellites from larger satellites, much like submunitions from a dispenser. In 2017, Kosmos-2519 launched Kosmos-2521, a sub-satellite while in orbit. Kosmos- 2521 subsequently launched a sub-satellite of its own, Kosmos-2523. Both Kosmos-2519 and Kosmos-2521 maneuvered in orbit. Meanwhile, China’s new reusable space plane apparently released an object while in orbit, and engaged in rendezvous and proximity operations (RPO) with at least one other object over the past year. All of these actions are difficult to track, especially while also maintaining situational awareness over 26,000 pieces of other debris. Russia has since launched other satellites that have behaved in a similar fashion, launching their own sub- satellites. US space surveillance capabilities must maintain watch over all these objects, if America’s own satellites are to be preserved.

The ground-based Space Fence radar on Kwajalein is an essential part of the American space surveillance network. It plays a key role in helping the U.S. detect and track potential threats to its satellites, including its missile early warning, strategic communications, and reconnaissance platforms.

In addition to RMI, the United States has comparable special relationships with the Federated States of Micronesia, and the Republic of Palau. Relations with both of these states are also overseen by the DOI. Both of these states are slated for additional US military construction, but have also been courted by Beijing.

For the PRC, which has been seeking inroads into the central Pacific and to build expanded ties to the various states, gaining insider knowledge of American positions, aid packages, and general policy towards those states would be of enormous strategic advantage. Moreover, as both RMI and the Republic of Palau maintain ties with Taiwan, rather than the PRC, Beijing is intensely interested in gaining any leverage it can to shift their diplomatic alignment.

The views expressed in this testimony are those of the author and not the U.S. Institute of Peace.