Maj Gen PK Mallick, VSM (Retd)

04 Mar 2025

Cyber and Information War Issues

Centre For Eastern and North Eastern Research Studies – Kolkata (CENERS – K)

https://www.strategicstudyindia.com/

Daily Hits for month of Feb 2025

Country wise Hits for month of Feb 2025

Information Warfare

Cyber Warfare

Computer Network Operations

• Computer Network Defence
• Computer Network Exploitation
• Computer Network Attack

Defensive Cyber Operations

There is no national security without cybersecurity

​

-- President Xi Jinping, February 2014

Organisation for Cyber Defence

Espionage Operations

• China hosts some of the world’s most vibrant and successful technology companies. It also remains a major victim of cybercrime.
• Chinese hackers have done cyber espionage at emerging high-technology advanced manufacturing companies of industries, like semiconductors, biotechnology and aerospace in the U.S., Japan, Europe and Southeast Asia.
• Keith Alexander, a former NSA Director, said that the Chinese operations enabled the “greatest transfer of wealth in history.”

​

​

Offensive Operations

• Ciaran Martin, Ex Chief Executive of National Cyber Security Centre, UK said, China, unlike Russia, had no history of disruptive cyber operations. They are now moving like Russia. By infiltrating critical infrastructure including energy and communication networks.
• In March 2024 UK confirmed that China backed hackers where responsible for a cyber attack targeting UK elections watchdog and a surveillance operation on British politicians.
• Christopher Wray, Director of the FBI said on 19 April 2024, Chinese government-linked hackers have infiltrated critical US infrastructure and are waiting for just the right moment to deal a devastating blow. An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors.
• Guam. Targeting of critical infrastructure in Guam, a big deal. Guam is a critical node for Indo-Pacom’s warfighting capability

​

​

​

Vault Typhoon

• Rear Admiral Mark Montgomery, former Executive Director of the Cyberspace Solarium Commission said, I’ll just say that if China is screwing with our critical infrastructure to X degree, they’re screwing with the Japanese critical infrastructure to 2X and the Taiwan infrastructure to 5X.
• National Security Advisor MikeWaltz stated in a December 24 interview with CBS News that the United States must ratchet up its offensive approach and impose costs in cyberspace, including against “private actors and nation state actors that continue to steal our data, that continue to spy on us, and that even worse, with the Volt Typhoon penetration, that are literally putting cyber time bombs on our infrastructure, our water systems, our grids, even our ports.”

​

​

​

​

Multiple Cyber “Typhoons”�

Volt Typhoon

• Chinese cyber threat actors have gained access to important U.S. networks. The most high-profile of these are Volt Typhoon, which burrowed into U.S. critical infrastructure, potentially to preposition cyber assets in the event of a crisis or conflict with the United States.

Salt Typhoon

• Penetrated multiple telecommunications networks to spy on Americans.
• Gaining access to some of America’s largest telecommunications companies including Verizon and AT&T, was an intelligence bonanza for China.
• Hackers gained access to extremely high-value targets, including then President-elect Donald Trump’s and Vice President-elect JD Vance’s cell phones.

Salt Typhoon and Volt Typhoon differ in terms of their operational objectives and their temporal dimension. Objective of Salt Typhoon is to stealthily steal information in support of intelligence collection priorities. Volt Typhoon represents cyber operational preparation of the environment. The immediate operational objective is to gain access and preposition capabilities to use at some future date. It gives China tools it can use later.

​

​

• Since 2020, India has faced multiple malware attacks against seaports, ten distinct Indian power sector organisations (including four of the five Regional Load Despatch Centres (RLDC) responsible for the operation of the power grid through balancing electricity supply and demand) and oil and gas facilities of Power System Operation Corporation (POSOCO), National Thermal Power Corporation (NTPC) Kudgi and Telangana State Transco. Suspected APTs behind these attacks include the notorious Chinese hacking group identified by the FBI as 'Barium' (or APT 41).
• It is unclear whether a cyber intrusion facilitated an October 2020 power outage in Mumbai. Indian government authorities have offered conflicting root cause assessments for this incident.
• In April 2022, American cybersecurity company Recorded Future informed that Indian power grid institutions were attacked by ShadowPad malware attributed to conduct espionage activities in the Ladakh region of India.
• In March 2021. cyber-intelligence company Cyfirma reported that two major Indian vaccine and pharmaceutical manufacturers, Serum Institute of India and Bharat Biotech, experienced hacking attempts against their IT systems from China-based APT 'Stone Panda'. This ATP works with the Chinese Ministry of State Security's Tianjin State Security Bureau.
• Some of the victims of malicious cyber attacks are: Air India, Nucleus Software, Dominos and UpStox, SII and Bharat Biotech, Mobikwik, Airtel - J&K (Airtel Denied.) JusPay, Bigbasket, Dr Reddy Laboratories, Tata Power – Mumbai, Indian Railways, Unacademy, Kudankulam Nuclear Power Plant, ISRO, Healthcare Data Leakages.
• In November 2020, cyber attack using DDoS, IP hijacking, and phishing originating in Chengdu targeting critical infrastructure, banking, and information sectors. Western Theater Command of the PLA is responsible for executing the kinetic aspects of the standoff with India and has a joint operations command center in Chengdu.

​

​

China’s Cyber Operations against India

Psychological Operations

CCP Circles of Influence

PRC Political Warfare Against Taiwan

Power

• Soft Power. Ability to attract and co-opt through culture, values, and policies.

​

• Smart Power. A strategic blend of soft and hard power tools.

​

• Sharp Power. Characterised by manipulative tactics like disinformation and cyber intrusions to undermine democratic systems.

• Discourse Power. Focuses on shaping global narratives and norms to project their worldview and influence international systems.

​

The Three Warfares

​

• Psychological Warfare seeks to disrupt an opponent’s decision-making capacity; create doubts, foment anti-leadership sentiments. Deceive and diminish the will to fight among opponents.

​

• Legal Warfare (“lawfare”) can involve enacting domestic law as the basis for making claims in international law and employing “bogus” maps to justify China’s actions.

​

• Media Warfare is the key to gaining “domestic over the venue for implementing psychological and legal warfare”.

Psychological Operations are coordinated at the highest level and executed by the following actors

• PLA Political Work Department.
• United Front Work Department (UFWD).
• International Liaison Department.
• The Ministry of State Security (MSS).
• Ministry of Public Security (MPS).
• People's Armed Police (PAP).
• The PLA Strategic Support Force (SSF), now PLA ISF.
• Members of the former General Political Department, specifically the 311 Base responsible for PLA PSYOP.

​

Main actors implementing Chinese Psychological Operations

Within the Party.

• Propaganda Department, which oversees ideology, controls the entire media spectrum and all the cultural production in the country.
• United Front Work Department (UFWD), with its twelve offices reflecting its main targets
• International Liaison Department (ILD), which maintains relations with foreign political parties.
• 610 Office, which has agents across the world acting outside any legal framework.
• The Chinese Communist Youth League (CYL) serving as a link toward young people, as an incubator for future Party executives and as a force that can be mobilized when needed

Within the state. Ministry of State Security (MSS), which is the main civilian intelligence agency and Taiwan Affairs Office (TAO), in charge of the propaganda aimed at Taiwan.

Within PLA. Strategic Support Force (SSF) through its Network Systems Department. Base 311, headquartered in Fuzhou, is dedicated to the implementation of the “Three Warfares” strategy. It also operates media companies as civilian covers and a fake hotel to hide a training center.

Public and private companies. Play an important role in collecting the data needed to decide who should be targeted by influence operations, when, and how.

Main Actors

Diasporas. With the dual objective of controlling them – so that they do not represent a threat for the Chinese power.

​

Diplomacy

• Influence over international organisations and norms. Beijing deploys classic diplomatic resources along with clandestine influence operations.
• “Wolf-Warrior” diplomacy. Aggressive postures adopted by the Ministry of Foreign Affairs’ spokespersons and a dozen diplomats. Proven counter-productive.

​

Economy. Economic coercion takes very different forms: a ban from the Chinese domestic market, embargos, trade sanctions and restrictions on domestic investment, quotas imposed on regions highly dependent on Chinese tourists or mass boycotts. Beijing increasingly imposes censorship as a prerequisite to access its domestic market; many companies end up bowing under pressure.

​

Politics. With the goal of penetrating target countries to influence public policymaking mechanisms maintaining direct relationships with political parties and influential political figures.

​

​

​

Transnational Repression �

• China executes pervasive and brutal transnational repression.

​

• Its targets include civil liberties activists and diasporic communities like the Uyghurs, Tibetans, Chinese Christians, and Falun Gong practitioners.

​

• China conducts global digital surveillance to track dissidents and to pressure them into silence.

Social Media Warfare - Borrowing a Boat Out to Sea�

• Long-standing Chinese government strategy to exploit foreign media to deliver Chinese propaganda.
• Chinese military views social media as a tool for influence and broader information operations at home and abroad.
• PLA has a de facto presence on Western platforms through Chinese state-run media accounts on Facebook, Twitter, YouTube, Instagram, and others that relay its messages to unwitting audiences and help the military collect data on its effectiveness.
• PLA is developing technologies for subliminal messaging, deep fakes, overt propaganda and public sentiment analysis on Facebook, Twitter, LINE and other platforms

Social Media Warfare Strategy- Borrowing a Boat Out to Sea�

• Has a significant and still expanding official presence on Facebook, Twitter and YouTube and China's big externally facing media (CGTN, Xinhua, China Daily, etc.). On Twitter, there has been a substantial growth in official China-linked accounts, especially those run by embassies and diplomats.
• Platforms like TikTok, owned by ByteDance, exemplify China's use of emerging digital spaces to promote CCP narratives and suppress dissent.
• Tencent, China’s largest tech conglomerate, has established itself as a global leader in the gaming industry. It invests in games that captivate international audiences while integrating elements of Chinese culture into the gaming experience.
• Chinese state-controlled outlets like Xinhua sometimes collaborate with international media like Microsoft News and Reuters through paid content agreements.
• Chinese embassies and companies pay media outlets or journalists to publish CCP-approved content.
• China employs 20 million "network civilisation volunteers" to amplify pro-China voices and suppress critical perspectives.

​

Techniques Used

• Western Social Media Platforms like Facebook, Twitter and Youtube are banned since July 2009. Chinese Party-State media have put together lively presences on these platforms. Chinese ambassadors worldwide have been opening Twitter accounts to feed their government’s positions into global debates on China.
• China Daily stated that it had spent $11 million in advertising in prominent U.S. newspapers like Chicago Tribune, The Los Angeles Times, The Houston Chronicle, etc. It disclosed that it spent $2,65,822 on Twitter advertisements.

Content Farms

• CCP has ‘Content Farms’ in Malaysia and Taiwan to spread pro-party messaging.
• A Content Farm is a website that creates a high volume of highly trafficked articles.
• Content Farms crowdsource articles without any editorial control.
• After creating the articles, the Content Farm operators recruit and pay individual social media users to spread them.
• It circumvents detection and direct association between these entities and the Chinese Government.
• A single user can make about $7 for every thousand views a shared article receives.

Fifty Cent Party

• To control online public opinion, China utilises many internet commentators, known as the Fifty Cent Party.
• Fifty Cent Party refers to internet commentators who are organized and paid by the government to write online in favour of government policies, boost Xi Jinping’s image and monitor netizens’ activities, often using fake identities.
• The Fifty Cent consists of civilian government employees who are required to post pro-CCP narratives on the internet as a part of their political position.

​

​

​

​

​

​

​

Chinese TV

• Top two global Chinese TV outlets China Global Television Network (CGTN) and state broadcaster China Central Television (CCT­V) reach hundreds of millions of television viewers, radio listeners, and social media users abroad.
• CGTN broadcasts in English, Spanish, French, Arabic, Russian around the globe via satellite, cable, and over the internet. It has hundreds of journalists stationed overseas.
• In many cases the outlets provide little to no transparency on who publishes the content.

​

Confucius Institutes (CI)

• Confucius Institutes are education organisations sponsored by the CCP to teach Chinese culture, language and history at the primary, secondary and university level worldwide.
• China likes to compare the CIs with branches of France's L’Alliance Francaise, U.K.’s British Council, Germany’s Goethe Institute and Spain’s Cervantes Institute.
• As per Xinhua, there were more than 500 CIs in 142 countries as of late 2017. There were at least 110 CIs and 501 Confucius Classrooms in (secondary schools) across the U.S alone.

​

• There are currently more than 100 ICCs throughout China, the earliest created was in 2018, but most were formed in 2023 or later.
• ICCs have a range of responsibilities that include explaining China to the world, developing external propaganda capabilities, coordinating resources throughout their jurisdiction, operating foreign social media accounts, training external propaganda talent, monitoring international public opinion, building networks of foreign influencers, organizing trips by foreigners around China, and supporting economic development in their jurisdiction.
• A well-resourced ICC can operate and be supported by infrastructure such as websites, social media accounts, mobile applications, broadcast channels, domestic sub-centers, overseas liaison stations, and foreign-oriented news brands and partnerships with government departments, central state media, businesses, and universities.
• Countries covered by ICCs dedicated to targeting specific audiences include Myanmar, Laos, Thailand, Cambodia, Vietnam, other members of the Association of Southeast Asian Nations (ASEAN), Russia, and South Korea; other ICCs likely conform to provincial economic interests, such as in the targeting of Japan by Fujian’s ICC.
• Countries in which ICCs have established overseas liaison stations and other partnerships include (but are almost certainly not limited to) Australia, Belarus, Belgium, Brazil, Cambodia, Canada, Egypt, France, Germany, Guyana, Hungary, Japan, Kazakhstan, Kyrgyzstan, Panama, Peru, Russia, South Africa, South Korea, Spain, Sweden, the United Kingdom (UK), the United States (US), and Uzbekistan.

International Communication Centres (ICCs)

• There are currently more than 100 ICCs throughout China, many established under guidance from propaganda authorities in major media organizations at the provincial, city, and county levels; the earliest created was in 2018, but most were formed in 2023 or later.
• ICCs have a range of responsibilities that include explaining China to the world, developing external propaganda capabilities, coordinating resources throughout their jurisdiction, operating foreign social media accounts, training external propaganda talent, monitoring international public opinion, building networks of foreign influencers, organizing trips by foreigners around China, and supporting economic development in their jurisdiction.
• A well-resourced ICC can operate and be supported by infrastructure such as websites, social media accounts, mobile applications, broadcast channels, domestic sub-centers, overseas liaison stations, and foreign-oriented news brands, as well as partnerships with government departments, central state media, businesses, and universities.
• Countries covered by ICCs dedicated to targeting specific audiences include Myanmar, Laos, Thailand, Cambodia, Vietnam, other members of the Association of Southeast Asian Nations (ASEAN), Russia, and South Korea; other ICCs likely conform to provincial economic interests, such as in the targeting of Japan by Fujian’s ICC.
• Countries in which ICCs have established overseas liaison stations and other partnerships include (but are almost certainly not limited to) Australia, Belarus, Belgium, Brazil, Cambodia, Canada, Egypt, France, Germany, Guyana, Hungary, Japan, Kazakhstan, Kyrgyzstan, Panama, Peru, Russia, South Africa, South Korea, Spain, Sweden, the United Kingdom (UK), the United States (US), and Uzbekistan.

ICC

Economic Coercion

• Uses coercive eco­nomic tools through a combination of targeted suspension of preferential tariff terms, selective bans of imported goods, ex­panded import restrictions on a range of products beyond just agricultural and aquatic goods.
• Arbitrary regulatory enforce­ments targeting select companies for their political activities.
• Sanctioning of individuals and organizations.
• China aims to create and use as political leverage Belt and Road Initiative (BRI) and the Digital Silk Road (DSR) by using its global expansion in telecommunications, e-commerce, hardware, software, big data, artificial intel­ligence and machine learning, the Internet of Things and other digital infrastructure and norms across the globe.

​

Cognitive Domain Operations (CDO)

• Cognitive warfare represents a strategic approach to conflict that seeks to influence and control the thought process, polit­ical-military decision-making and behaviours of targeted popu­lations.
• Emerging technology such as artificial intelligence and big data are key to creating profound advancements in CDO.
• Next evolution of warfare will be cognitive warfare.
• Defeat the enemy by employing the method of “mind superiority.”
• Information warfare focuses on controlling the dissemination of information, cognitive warfare strategically aims to control or alter the way people react to information.
• CDO actions integrate military, political, economic, public opinion, psychology, legal theory and other means to achieve strategic national security goals that affect a target’s cognition, decision making, and behaviour.
• Seizing mind dominance in the cognitive domain and subduing the enemy without fighting is the highest realm of warfare.
• Shortcomings the PLA is facing: not enough high-level planning, not enough joint integration across the other domains and not enough innovation. PLA has little research on the technology and equipment for cognitive domain operations on mainstream social networking platforms. It needs to improve its big data, natural language processing, and deep learning capabilities.
• PLA should use artificial intelligence (AI) to run its bot network on social media, which would be able to create content based on human guidance, select the appropriate time to post on social media and be able to coordinate between these “sockpuppet” accounts.

PRC President Xi Jinping, 2019

Where are we

Conclusion

• War in Ukraine revealed that cognitive warfare and cyber warfare conducted in non-physical domains — do not alone provide strategic advantages.
• Neither Sun Tzu, who idealised subduing the enemy without fighting nor British strategist B.H. Liddell Hart, who advocated the indirect approach strategy, gave specific advice on how to put it into practice.
• In the long history of warfare, it has been physical battles that subdued the enemy’s will.

Q & A

PRC’s practices for influencing Taiwan’s information�environment and conducting “cognitive warfare”�directed against its citizens,