September 22, 2016
The sparsely populated Spratly Islands, a collection of hundreds of islands and reefs spread over roughly 165,000 square miles in the South China Sea, are very quickly becoming the center of one of the most contentious international disputes between world powers since the fall of the Soviet Union.
Alarmingly, the use of cyber attacks in this dispute suggests we might already be in the midst of a new Cold War playing out in cyberspace — where America’s advantage is not as clear as it is with conventional armies and navies.
The Spratly Islands are of economic and strategic importance. All of the countries in the region — including China, Vietnam and the Philippines — have made competing territorial claims to the region. In recent years, China has become increasingly aggressive in its claim, rapidly building artificial islands while also conducting military operations in the area.
Beyond this conventional military build up, however, are complex and brazen cyber attacks by China that are leaving America and its allies increasingly concerned.
A massive distributed denial of service (DDoS) attack knocked offline at least 68 Philippine government websites in July, apparently in response to an international court ruling that denied China’s territorial claims in the region. Just days later, Vietnam’s national airline and major airports were targeted in a series of attacks by the Chinese hacking group 1937CN.
Those are just the latest examples of China’s years long cyber campaign related to the Spratly Islands. (In another attack, the website of the aforementioned international court was infected with malware and taken offline last year.)
While these “nuisance” attacks — and continued cyber espionage by China — are serious, targeted Chinese cyber attacks designed to impact America’s physical military systems in the South China Sea are the most substantial evidence that we may be on the brink of a more tangible cyber threat to American military power.
The challenge is that the capabilities and sophistication of state-sponsored and non-state hackers are increasing exponentially.
China appears to be moving forward with plans to use electronic attacks designed to either disrupt or take control of American drones. With reports that the Chinese attempted to interfere with U.S. military drones at least once in recent years, the country has shown a willingness to use GPS jamming to prevent U.S. aircraft from conducting surveillance missions in the Spratly Islands.
That 2015 instance appears to fit China’s public posturing on the ways it says it could use electronic GPS jamming to disrupt U.S. drone networks. One 2013 report in the Chinese journal Aerospace Electronic Warfare notes in technical detail how its military can “use network warfare to attack and even control America’s network” by disrupting the connection between satellites and aircraft.
This sort of GPS jamming could be the largest electronic threat to the U.S. drone program. In fact, it has been widely speculated that Iran used a similar GPS “spoofing” technique to take control of a U.S. surveillance drone in 2011.
The American military says it is preparing for these sorts of attacks with its new cyber strategy released last year. In addition to outlining how cyber will be included in military planning, the report calls for a hardening of the military’s cyber defenses to prevent the theft of military technology or cyber attacks against military infrastructure and weaponry.
The challenge, as any expert in the cybersecurity world would tell you, is that the capabilities and sophistication of the Chinese, Russians and other state-sponsored and non-state hackers are increasing exponentially. One only has to read the news to see nearly daily evidence of this (e.g. the recent suspected NSA breech, hacks targeting Democratic political organizations, the attack against the State Department’s email system or the theft of military intel in the OPM hack).
The relatively inexpensive cyber options being employed today by both state and non-state hacking groups make it an incredibly efficient “leveler” of power. A small group of hackers using simple spear-phishing tactics, for example, can have massive impact on military installations, government operations, critical infrastructure and potentially even weapons systems.
The unconventional battle playing out in the South China Sea — where cyber attacks are taking the place of conventional fighting and other forms of diplomacy — is a new model of warfare. The growing cyber threat from China may pose the most immediate threat to America and its allies because, while the U.S. continues to have a clear conventional military advantage, our advantage in cyber is not as clear.