In the meantime, belligerent cyber activity is ramping up, mirroring the trade war between China and the United States. Could this multiply and bring about our worst fear – a conventional war? Every day, statements from the US and Chinese leaders highlight just how far apart these two countries are ideologically and politically, and the extent of their economic and military rivalry.
History has taught us how this type of confrontation often ends. Speaking of the rivalry between Sparta and Athens, the Athenian historian Thucydides predicted that a dominant nation, seeing its supremacy seemingly threatened by a rising power, would settle the question by war. Thucydides’ escalation theory makes us fear the worst for the US-China cold war, a war currently being fought in cyberspace.
From Estonia to Stuxnet
The Russian cyberspace attack on Estonia in 2007 was a wake-up call to all developed states. Russian hackers, using a simple denial-of-service attack, were able to cripple the Baltic state for several days. The functioning of its government, ministries, banks, hospitals, telecommunications companies and media were effectively paralysed.
Before and after, techniques such as unit attacks to extract information or the use of vulnerabilities to penetrate networks and computers have been used on a smaller scale, but in highly effective ways. For instance, the United States and Israel developed Operation Stuxnet to slow down the Iranian nuclear programme by remotely damaging uranium-enrichment centrifuges through a complex attack involving, inter alia, a computer virus.
New cyberwar doctrines
Aware of the growing potential of cyberattacks, as witnessed by the Estonian incident, the United States and China have been steadily formulating their cyberwar strategies, and developing the organisations, procedures and weapons to deliver them.
The Obama administration’s cyber strategy was primarily defensive. Under Donald Trump, the strategy has become more pro-active, in line with his supremacist vision. The shift in tone between the military and cyber strategies under the Obama and Trump administrations mirrors the rise in tensions between the US and China. This cyberwarfare, or Cold War 2.0, is based on the development of technical and human resources, intelligence gathering, sabotage and influence operations.
The resources deployed for cyber warfare have been increasing on both sides. The home of giant digital companies and with the world’s biggest military budget, the US undeniably has great cyber firepower. In 2009, the federal government created a new military command centre, the US Cyber Command, operational since 2010, which now employs more than 6,000 experts.
Strategic Support Force
On its side, China can count on the Third Department of the People’s Army, the specialised internal cyber-security forces, and several technology companies. In 2015, Beijing created a counterpart to the US Cyber Command Centre, the Strategic Support Force, which brings together the resources of the People’s Army in the field of cyber, space and electronic warfare.
Cases of espionage between the two countries have multiplied as, for example, the theft of the plans of the US F-35 military aircraft, which miraculously turned into the Shenyang FC-31, after Chinese spies allegedly stole the US plans. Cold War 2.0 also targets economic interests. In 2012, former FBI director Robert Mueller commented that there are only two types of companies: those that have been hacked and those that will be.
Since then, more than 80% of economic espionage cases against the United States have been linked to China. For example, hackers linked to the Chinese Ministry of State Security, hacked the Marriott Group over a period of four years, in the process stealing the personal data of some 500 millions of their customers.
Sabotage and influence
Physical sabotage is also part of the cyberwar. In 2017, using their digital arsenal, the US managed to defeat the attempted fire of North-Korean missiles, loyal allies of China.
According to the Cartwright doctrine, named after US General James Cartwright, to be effective, a cyber-strategy must have an operational component backed up, in some instances, by messages to warn adversaries of incurred risks and reveal enemy threats.
Influence and destabilisation are important objectives of the Cold War 2.0. During the 2009-2010 “urora cyberattack, China allegedly targeted 34 American companies, undermining flagship US companies such as Northrop Grumman, Dow Chemical and Google. Will the next step be a Chinese digital propaganda action in the US presidential election or other allied democracies? China has already shown its capacity for hacking accounts or spreading misinformation in the media during the recent unrest in Hong Kong.
The Cold War 2.0 is a kind of guerrilla warfare characterised by continued digital skirmishing between the United States and China, together with a threatening proliferation of intelligence-gathering activities, sabotage and influence. Given that both have nuclear weapons, it is now paramount that these two countries avoid Thucydides’ escalation trap.
Bertrand Venard, Professor at Audencia and at the University of Oxford. He is supervising a major research project about cybersecurity behaviour, funded by the European Union.
This article first appeared on The Conversation.