KEY TAKEAWAYS
KEY TAKEAWAYS
The 2024 revelations over China’s effort to implant malware in critical U.S. infrastructure by the Volt Typhoon hacking group — as well as the Salt Typhoon group’s successful breaching of at least nine major U.S. telecoms — have renewed concern over Beijing’s constant, ongoing efforts to hack Western companies, governments and non-governmental organizations. Unlike past incidents, like those involving Chinese military unit 61398, which were largely about cyber espionage, the Volt Typhoon group was actively implanting malware designed to disrupt critical infrastructure such as water and power systems.
As the Volt Typhoon group is believed to be a state actor (as opposed to a criminal group or “hacktivists”), its actions highlight that the Chinese government is not just gathering information but instead threatening to sabotage the ability of economies and states to function.
Just as the Ukraine-Russia war is demonstrating that drone warfare has moved from the tactical to the strategic, China’s hacking activities showcase how cyber intrusions are increasingly strategic in effect. This is especially true when considering their potential impact on space systems.
Military history demonstrates that the ability to achieve surprise can be decisive; a smaller force exploiting surprise can often defeat a larger one. At its most basic, surprise allows one to concentrate forces at the time and place of one’s choosing. Further, organizational, doctrinal and technological surprise can exploit changes that an adversary cannot compensate or prepare for.
While tactical surprise has marked warfare for millennia, strategic surprise is much harder. Mobilizing and moving vast armies with minimal prospect of detection came about only in the 19th and 20th centuries, as railroads, motorization and then airpower allowed forces to concentrate rapidly and reach farther, even bypassing an adversary’s defenses.
Moreover, while various nations have succeeded in achieving strategic surprise at the onset of a conflict — like Japan at Pearl Harbor, Egypt and Syria in the 1973 Arab-Israeli War or Iraq at the outset of the Iran-Iraq war — capitalizing on that surprise can be difficult. Industrial states have enormous resources, and given time, can mobilize them, as the United States and Soviet Union did in World War II.
In the 21st century, however, the elevation of information systems and satellite constellations to central roles in national economies and militaries has made surprise far more devastating when it can be achieved. The Chinese state-sponsored Typhoon groups’ activities build upon past Chinese cyber espionage efforts, which were largely aimed at obtaining intellectual property and sensitive information, such as the Office of Personnel Management’s records of past and present U.S. government employees. These new actions are only a sample of what can be done in peacetime to penetrate and exploit an adversary’s information systems. Similarly, a key method of attacking space systems is through their various tracking, telemetry, and control networks, which command physical satellites, pointing them, turning them on or off and even moving them.
This is further complicated by the growing role of artificial intelligence (AI), which accelerates the pace of various actions. China has become a leader in AI, with its DeepSeek AI fiercely competing with ChatGPT and other western AI programs for subscribers and users. Pre-implanted malware, coupled with AI, can accelerate and expand cyber-attacks, allowing an array of strikes against many targets, all at the speed of light, with only a few keystrokes separating spying from more destructive actions.
Because all of these systems are integrated into the fiber and backbone of national economies and militaries, it is also far less clear how long recovery, reconstitution and eventual return would take in the wake of a surprise cyber and space attack. Admiral Isoroku Yamamoto, heading the Japanese fleet, famously warned that he could rampage for about a year after the Pearl Harbor attack, but would make no promises after that. He knew that unless he could repeatedly devastate the American homeland, America’s industrial capacity would eventually replace any losses he inflicted.
By contrast, cyber and space disruptions could well propagate throughout a target nation’s economy, industry, financial networks and military. Interfering with air traffic control systems, railroad switching systems, power plants and telecoms simultaneously or sequentially would impede not just mobilization but day-to-day life. Destructive attacks might require manufacturing new systems, yet that manufacturing would itself be affected by those same attacks. Hacking financial institutions and records would meanwhile sow confusion and likely lead to broader social unrest. Such attacks need not involve direct penetration of banks and trading houses; if the enemy disrupts the timing signal provided by the GPS constellation, a wide range of activities from stock trades to paying for gas can be affected.
Chinese efforts to threaten the ability of American space assets … to function are increasingly an existential threat to the United States.
Whereas strategic surprise previously afforded only temporary advantage, in the information and space age, it may well be much longer lasting. Chinese actors rampaging through American information networks with a freedom that Admiral Yamamoto would have envied is a recipe for disaster. Chinese efforts to threaten the ability of American space assets — whether governmental or commercial — to function are increasingly an existential threat to the United States, jeopardizing the ability of the military to fight, of banks and financial institutions to function and of transportation systems to move.
It is therefore essential that American strategic planners understand the importance of maintaining information and space superiority relative to China and signal that awareness to their Chinese counterparts. The United States needs to respond to Chinese actors such as the Typhoon groups. The response need not be public, but it must be effective. Chinese leader Xi Jinping and the broader Chinese Communist Party leadership must recognize that China will not be able to undertake information attacks against U.S. infrastructure with impunity. Rather it needs to be clear that China will suffer comparable or worse damage from U.S. retaliation — the cyber equivalent of the Cold War’s Mutually Assured Destruction.
Similarly, Chinese efforts to establish space dominance must be met with a robust set of credible American capabilities. The 2022 decision to unilaterally halt U.S. testing of certain anti-satellite systems has not led to a reduction of Chinese (or Russian) anti-satellite efforts. If anything, they appear to have redoubled.
While there is a constant hope that the cyber and space domains can somehow be insulated from conflict, for the benefit of all mankind, the reality is that both these domains are the new strategic high ground. As U.S.-China strategic competition intensifies, the ability to dominate both will be a key factor in determining the shape of world peace, and whether it is along Chinese or American lines.