1 of 74

Blank slide

2 of 74

�� Maj Gen P K Mallick,VSM (Retd)

Panagarh

20 Jun 2023

Decoding China's Information Warfare:

A Comprehensive Analysis of Organisation and Tactics

3 of 74

https://www.strategicstudyindia.com/

4 of 74

https://indianstrategicknowledgeonline.com/

5 of 74

6 of 74

7 of 74

8 of 74

9 of 74

Evolution of Information Warfare

10 of 74

Information Operations

Information Operation (IO) are described as the integrated employment of:

Electronic Warfare (EW)
Computer Network Operation (CNO)
Psychological Operations (PSYOP)
Military Deception (MILDEC)
Operation Security (OPSEC)

In concert with specified supporting and related capabilities, to influence, disrupt, corrupt, or usurp adversarial human and automated decision making while protecting our own.

Capability Supporting IO. include information assurance (IA) physical security, physical attack , counterintelligence and combat camera. There are either directly or indirectly involved in the information environment and contribute to effective IO.

There are three related military capabilities: public affairs (PA), civil military operations (CMO) and defence support to public diplomacy.

11 of 74

There are three forms of Computer Network Operations:

Computer Network Attack (CNA). CNA is deliberate actions and operations over an extended period of time to alter, disrupt, deceive, degrade or destroy adversary computer systems or networks or the information and programs resident in or transiting these systems or networks. A cyber attack seeks to cause the adversary's computer systems and networks to be unavailable or untrustworthy and less valuable. It is destructive in nature.

Computer Network Exploitation (CNE). CNE uses actions and operations to obtain information that would otherwise be kept classified and is resident on or transiting through an adversary's computer systems or networks. Cyber exploitations are usually covert in nature. They do not seek to disturb the normal functioning of a computer system or network. The best cyber exploitation is one that a user never notices. It is non-destructive.

The fundamental difference between a cyber attack and cyber exploitation is the payload's nature to be executed. A cyberattack payload is destructive, whereas a cyber exploitation payload acquires information non-destructively.

12 of 74

The Dividing Line That Should Be Sharpened : Technical Operations Vs Inform and Influence Operations

13 of 74

14 of 74

15 of 74

16 of 74

Convergence of Cyberspace Operations and Electronic Warfare

Porche, et al., “Redefining Information Warfare Boundaries for an Army in a Wireless World,” p.51

17 of 74

CEMA

18 of 74

19 of 74

Electromagnetic Spectrum Operations Are Composed of Two Coordinated Efforts

20 of 74

Indian Army Doctrine

Forms of IW (October 2004, pg 20)

Command and Control Warfare (C²W)
Intelligence Based Warfare (IBW)
Electronic Warfare (EW)
Psychological Warfare
Cyber Warfare
Economic Information Warfare
Network Centric Warfare (NCW)

IW battle space deals with physical, information infrastructure and perceptual realms. From IA’s perspective, IW will comprise Cyber Warfare, Psychological Warfare and EW. (November 2010, pg 53)

Land Warfare Doctrine, 2018 also states IW consists of EW, Cyber and

Psychological Warfare, Page 10.

21 of 74

22 of 74

Syria.

Very Interesting. In September 2007, Israeli F-15 and F-16 aircrafts assaulted a suspected nuclear reactor in Syria in an operation known as Operation Orchard. This incident is perhaps one of the finest examples of the use of network intrusion to support a kinetic military action.

Israel employed a computer program designed to attack computer networks and alter the data being provided by a sensor system to either human or linked machine observers. Israel disrupted Syrian air defence systems and fed them false radar and other sensor information to mask the transit of Air Force jets into Syria.

Some other reports stated that Israeli cyber warriors were able to attack the computer networks controlling Syrian air defence systems and use a built-in kill switch, a piece of code incorporated during the production phase and designed to allow unauthorised control of a system. It was said that a malware was inducted into a laptop of a high Syrian official in a hotel clandestinely.

Whatever the case, one of Russia's most sophisticated air-defence systems did not show any aircraft in their scopes when F-16s were creating havoc.

23 of 74

China

24 of 74

Evolution of Theory of Warfare

25 of 74

The Era of Mao Zedong (1927–1976): The Curse of the Final War and Active Defence

The Era of Deng Xiaoping (1976–1989): A Break from the Final War and a Shift to Local War

The Era of Jiang Zemin (1989–2004): Local Wars under High-Tech Conditions

The Era of Hu Jintao (2004–2012): Informatized Local Wars.

The Era of Xi Jinping (2012–Present): Intelligentized Warfare

Changes in China’s Military Strategy

China’s Leaders and Military Strategy

26 of 74

The concept entails incorporating more artificial intelligence and machine learning into various platforms and systems. Building atop big data and cloud computing, the concept of “intelligence-ization” would seem to focus on allowing more data processing to occur within weapons and platforms, to better handle the huge amounts of data that are now flowing through the various networks

Intelligentized Warfare. The CCP announced in October 2020, that modern warfare is evolving to include intelligentization and incorporated the concept into its 14th Five-Year Plan. China expects that advanced technologies like AI, cloud computing and big data analytics will be changing the future of warfare quickly.

PLA strategists have stated that operationalization of AI will be necessary to improve the speed and quality of information processing by reducing battlefield uncertainty and providing decision making advantage over potential adversaries. The PLA is also exploring next-generation operational concepts like intelligentized warfare, cross-domain mobile warfare, attrition warfare by intelligent swarms, AI-based space confrontation and cognitive control operations.

27 of 74

The official Military Terminology of the Chinese People’s Liberation Army defines Information Operations

“Comprehensively employing electronic warfare, cyber warfare, psychological warfare, etc. to form operations to attack or confront an adversary. The goal is to interfere with and damage enemy information and information systems in the cyber and electromagnetic domain, influence and weaken an enemy’s capabilities for information gathering, transmission, management, exploitation and decision-making, and ensure the stable functioning of one’s own information systems functions, information security and accuracy of decisions.”

28 of 74

Strategic Support Force (SSF)

Established in 2015, the PLA Strategic Support Force (SSF) centralizes the command and control of space operations and information operations (which include cyber, electronic, and psychological warfare). The SSF also supports the use of these capabilities by the services. PLA Strategic Support Force (PLASSF). This entity brings China’s space, network warfare, and electronic warfare forces under a single structure. The PLASSF’s forces are responsible or achieving space dominance, network dominance and electronic dominance, which are in turn essential to establishing information dominance. in the United States, there is no single service or combatant command that combines space, electronic warfare, and computer network warfare operations. Fielding of space forces is the responsibility of a new service, the United States Space Force (USSF), while the conduct of military space operations is the responsibility of US Space Command (USSPACECOM), a unified combatant command. Computer network operations are the responsibility of Cyber Command (USCYBERCOM), another unified combatant command, drawing upon the various services for cybercapable forces. CYBERCOM shares some tasks with the National Security Agency, an intelligence organization and not a military force. Electronic warfare, meanwhile, is the responsibility of individual services. While the SSF’s most potent cyberwarfare formations, namely technical reconnaissance bureaus with advanced persistent threat (APT) capabilities subordinate to the SSF Network Systems Department, frequently target defense industry, media, telecommunications, and other organizations to support the PRC’s peacetime cyber and economic espionage campaigns,11 they would likely prosecute more sensitive missions against political or infrastructural targets at the sole behest of Xi Jinping through the CMC, in keeping with the desire for tight, centralized control over these capabilities. The PLASSF was established in December 2015. The key reason China created such a specialized unit was to solidify joint operation capabilities, develop the concept of information warfare, satisfy the necessity of information assistance in an expanded area of warfare, and perform effective psychological warfare in an informationalized war.

29 of 74

��Tasks��

To provide the PLA with strategic information support through space and network-based capabilities, including communications, navigation and positioning, intelligence, surveillance and reconnaissance, and military information infrastructure protection.
To conduct information operations, including space and counter space, cyber, electromagnetic warfare and psychological operations.
To convert advanced technologies into military capabilities.

30 of 74

��Joe McReynolds, a research fellow at the Jamestown Foundation and John Costello at the U.S. Department of Homeland Security, identified the following missions of strategic information support: �

Centralising technical intelligence collection and management.
Providing strategic intelligence support to theatre commands.
Enabling PLA power projection.
Supporting strategic defence in the space and nuclear domains.
Enabling joint operations.

31 of 74

ORG

32 of 74

33 of 74

34 of 74

Key Departments and Roles of the SSF

Source: http://www.nids.mod.go.jp/publication/chinareport/pdf/china_report_EN_web_2021_A01.pdf

The raising of the PLA Strategic Support Force (PLASSF) Space Systems Department (SSD) is an organisational innovation that places all major components of China’s space program under a unified command structure. The SSF Space Systems Department is responsible for nearly all PLA space operations, including space launch and support; space surveillance; space information support; space telemetry, tracking, and control; and space warfare. The SSD integrates space-related Research, Development and Acquisition, operations and training under a single authority.

The PLASSF Space Systems Department is central to China’s ambitions in space. The PLA has already fielded electro-optical (EO), radar and other space-based sensor platforms that can transmit images of the Earth’s surface to ground stations in near-real-time. China is investing heavily in EO, synthetic aperture radar (SAR) and electronic reconnaissance surveillance capabilities. The SSD has taken over almost every aspect of PLA space operations including space launch and support; space telemetry, tracking, and control, space information support, space attack and space defence.

35 of 74

36 of 74

37 of 74

38 of 74

ORGANIZATION OF THE OPERATIONAL BUREAUS OF THE THIRD DEPARTMENT

1st Bureau (61786 Unit)—decryption, encryption, information security
2nd Bureau (61398 Unit)—US and Canada focus
3rd Bureau (61785 Unit)—line of sight radio communications, direction finding, emission control
4th Bureau (61419 Unit)—Japan and Korea focus
5th Bureau (61565 Unit)—Russia focus
6th Bureau (61726 Unit)—No mission given; Wuhan U. network attack and defence center is located in this area of operation
7th Bureau (61580 Unit)—some computer network attack and computer network defense, some work on the US network-centric concept, psychological and technical aspects of reading and interpreting foreign languages
8th Bureau (61046 Unit)—Western and Eastern Europe, Middle East, Africa, Latin America
9th Bureau (unknown Unit)—strategic intelligence analysis/data base management, the most opaque bureau
10th Bureau (61886 or 7911 Unit)—Central Asia or Russia, telemetry missile tracking, nuclear testing
11th Bureau (61672 or 2020 Unit)—Russia
12th Bureau (61486 Unit)—satellites, space-based signals intelligence (SIGINT) collection

39 of 74

The Fourth Department

40 of 74

41 of 74

Operational Bureaus are separate from the Technical Reconnaissance Bureaus (TRB) under the seven military region headquarters. The TRBs of the military regions (MRs) include the following responsibilities

Beijing MR (66407 Unit)—Russia, along the Inner Mongolian border

Chengdu MR (78006 and 78020 Unit)—2 TRBs; English, computer network exploitation operations

Guangzhou MR (75770 Unit)—Internet viruses, voice over Internet protocol

Jinan MR (72959 Unit)—oversees 670 technical specialists, microwave relay intercepts, Korean, Japanese, English, and other language specialists

Lanzhou MR (68002 and 69010 Units)—monitor border military activities

Nanjing MR (73610 and 76630 Units)—Western Pacific, Taiwan

Shenyang MR (65016 Unit)—Russia, Korea, Japan targets.

42 of 74

LANZHOU MILITARY REGION

The Lanzhou MR oversees two TRBs. The Lanzhou MR First TRB (68002 Unit) is centered in the southern Lanzhou City‘s Qilihe District. Dai Shemin serves as the bureau‘s political commissar.

Unlike other MRs, no subordinate offices under the Lanzhou MR First TRB could be identified. However, the Lanzhou MR‘s Second TRB (69010 Unit) appears to be a play an important and unique role in China‘s SIGINT community.

The Lanzhou MR Second TRB is headquartered in Ürümqi‘s Shuimogou village and has its roots in a section of the Third Department‘s Second Bureau based in Xinjiang. It merged with the Xinjiang MR, becoming the Lanzhou MR‘s second TRB in the mid-1980s.

It has subordinate offices located in Kashi‘s Shule County, Altay, and Yining that likely monitors Signals Intelligence and Cyber Reconnaissance Infrastructure and military activities along China‘s borders with India, Pakistani, Afghanistan, Tajikistan, Kyrgyzstan, Kazakhstan, Russia, and Mongolia

43 of 74

Electronic Warfare

While electronic warfare is nominally aimed at equipment such as radars, communications systems, weapons control and guidance systems, and electronic countermeasures and electronic counter-countermeasures, it is actually about dominating the “electromagnetic space or electromagnetic spectrum, ranging from super low frequencies to ultraviolet, including the visible light spectrum. 26 Because electronics are now integrated into the very function of most weapons, electronic warfare now occupies a much more central role in establishing information dominance. Indeed, electronics have assumed a growing proportion of the cost and sophistication of modern weapons; some of the most expensive elements of modern warships and combat aircraft are the onboard electronics, rather than the metal. As one PLA analysis noted, electronics represent 20% of the cost of a modern warship, 24% of the cost of a modern armored fighting vehicle, 33% of a military aircraft, 45% of a missile, and 66% of a satellite.27

44 of 74

Chinese Electronic Warfare systems on 6x6-wheeled CTL181A Dongfeng Menshi armored vehicles

PLASSF’s Electronic Warfare Capabilities

China appears to have an electronic warfare capability almost equivalent to that of developed countries such as the United States and Russia. Also, it seems that China’s electronic warfare equipment has been advanced based on land, sea, and air.

At this moment, the PLA possesses ground-based electronic warfare equipment, a wide spectrum of air-based signals intelligence collection as well as reconnaissance aircraft, unmanned aircraft, and some electronic warfare fighters. Additionally, it also possesses several passive radar operations, synthetic aperture radar satellites, and signals intelligence satellites.

The electronic warfare capability of China’s SSF has three significant impacts

The first is the Chinese electronic warfare activities close to the LAC via manned electronic warfare aircraft.
The second is its collecting activities of electronic warfare intelligence through the unmanned electronic warfare aircraft.
The last is its electronic warfare activities by satellite.

The first impact caused by electronic warfare activities with manned electronic warfare aircraft flying around the LAC is that the Chinese warplanes flying mostly are types of reconnaissance and bombers which have a long flying range, not the fighter planes whose operational ranges are short.

China’s electronic warfare aircraft belongs to the Chinese Navy and Air Force.

The Implications for the IA

the importance of electronic warfare aircraft will be highlighted.

unmanned electronic warfare aircraft equipped with radar jamming, communication disrupting, and more active electronic warfare capabilities will be employed.

“integrated electronic warfare,” in which many kinds of devices from detectors in every spectrum of radio waves to electronic disturbance devices in diverse war circumstances are connected within a network, will be developed in the future.

the non-destruction weapons system will be so advanced that combatants can achieve military purposes without killing people, not only in conventional warfare but also in the complicated environments of new warfare such as counterterrorism and peacekeeping operations. Electromagnetic pulse (EMP) weapons, high-power micro (HPM) weapons and high-energy lasers (HEL) weapons are good examples of non-destruction weapons.

Future steps that the IA should take.

• First, the IA should develop an operational concept based on electronic warfare in the field of joint operations. In the process, electronic warfare should be defined on the grounds of the Soft Kill concept. The combination of material means and electronic warfare as one of non-material means will be very effective. the IA needs to establish and develop the concept of electronic warfare as a means of Soft Kill to cope with electronic warfare with China.

• Second, in order to respond to China’s electronic warfare, the IA should practice the ways of operations. If the activities of China’s manned electronic warfare flights are expected and detected, then the IA needs to deter and refuse the Chinese army from collecting its electronic intelligence, like radio waves, by quickly turning off major radars and communication devices. If a reactive operation is conducted with the exact information of China’s electronic aircraft, then the effect would be amplified.

• Third, it is necessary for the IA to develop a countermeasure system against China’s electronic warfare aircraft. There are two mechanisms:

 One is a passive way based on denial devices that prevent the counterpart from gathering its data. Revealing fake radiation when Chinese electronic aircraft fly is one such denial mechanism. In that case, the Chinese aircraft would gain fake information, not the actual radiations of its devices.

 Another active mechanism is based on collecting devices that allow the army to gain the counterpart’s data. Wide-area electronic aircraft and signals reconnaissance satellites are the best examples for collecting devices. The United States developed and renovated the C-130 transport into the EC- 130H (Compass Call), which is known to be a remotely-piloted electronic warfare aircraft. This type of aircraft is capable of distorting and disturbing a counterpart’s electronic signals even from hundreds of kilometers away for operational electric units.

 Also, signals reconnaissance satellites will allow the IA to improve signal collection capability even from space. The army with the satellites can secure electronic signals collection capability for a wider area—the signal information on land, sea, and air of neighboring countries, including Pakistan

45 of 74

The Electronic Warfare Units in the Network Systems Department

46 of 74

47 of 74

PLA 3rd Party Team for Information Warfare,�one of four EW divisions on parade

On October 1, 2019 the People’s Republic of China (PRC) celebrated the seventieth anniversary of its founding. Among the pageantry was a military parade in which the People’s Liberation Army (PLA) performed a highly orchestrated show of strength, exhibiting many of its strategic weapon systems. Although a carefully choreographed piece of propaganda, the parade nevertheless provides clues about China’s emerging warfighting doctrine. the PLA exhibited a large variety of electronic warfare systems.6

These included numerous ground-based jammers.7 The PLA also revealed two varieties of aerial jamming drones, including an electronic-warfare variant of its ASN-207 UAV, which previously only performed reconnaissance missions. According to Chinese state media, this variety of electronic warfare platforms highlighted China’s efforts “to seize the right to control information” during military operations. Through its parade, China has offered the clearest indication of its vision for future warfare. Jammer-equipped aircraft, trucks, and ships will blind U.S. sensors. A networked complex of drones, radars, and satellites will feed vital targeting information to China’s missile forces. And future hypersonic weapons, flying fast and low, will evade U.S. missile defenses.

48 of 74

PLA’s Electronic Warfare Aircraft (Y-9G)

49 of 74

Yaogan-30 Signals Intelligence Satellite

50 of 74

Organisation of PLA EMSO Units in SSF and Theater Commands

51 of 74

Cyber Warfare

52 of 74

The PRC’s Cyber Actors The PRC relies upon a vast constellation of bureaucracies to carry out its state-sponsored cyber operations. Among the most prominent of these are three civilian and military organizations: the Ministry of Public Security (MPS), the Ministry of State Security (MSS), and the People’s Liberation Army’s Strategic Support Force . The Ministry of Public Security (MPS)’s provincial Network Security Protection Detachments secure the PRC’s domestic network infrastructure by looking for intrusions and investigating internet crimes, the latter of which includes removing what the Chinese Communist Party (CCP) deems “harmful information.”1 The MSS runs cyber-enabled espionage and counter-espionage operations against all manner of foreign government agencies, companies, and dissidents through its provincial departments supported by penetration testers and tool developers housed within the various provincial and functional offshoots of its central-level 13th Bureau, otherwise known as the China Information Technology Evaluation Center

53 of 74

Cyber Exploitation Activities

Chinese hackers have done cyber espionage at emerging high-technology advanced manufacturing companies of industries, like semiconductors, biotechnology and aerospace in the U.S., Japan, Europe and Southeast Asia. They were interested in the financial information and negotiation strategies of companies in the banking, energy, law and pharmaceutical sectors. Keith Alexander, a former NSA Director, said that the Chinese operations enabled the “greatest transfer of wealth in history.”

The Washington Post reported that Chinese hackers stole critical files relating to missile defence, including “the advanced Patriot missile system, … an Army system for shooting down ballistic missiles, … and the Navy’s Aegis ballistic missile defence system.” The hackers also gathered information on planes, helicopters, and ships, including “the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the Navy’s new Littoral Combat Ship, which is designed to patrol waters close to shore.” These were the weapons on which the United States would rely in a fight with China.

54 of 74

GhostNet. China has been conducting cyber espionage operations against India for a long time. One of the earlier examples was the GhostNet episode. Between June 2008 and March 2009 the Information Warfare Monitor conducted an investigation focused on allegations of Chinese cyber espionage against the Tibetan community. GhostNet penetrated computer systems containing sensitive and secret information at the private offices of the Dalai Lama and other Tibetan targets.

GhostNet, infected 1,295 computers in 103 countries. Almost a third of the targets infected by GhostNet included the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan; embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan; the ASEAN (Association of Southeast Asian Nations) Secretariat, SAARC (South Asian Association for Regional Cooperation) and the Asian Development Bank; news organizations; and an unclassified computer located at NATO headquarters.

55 of 74

56 of 74

Psy Warfare

57 of 74

How do you influence the mind of Opposing Commander

58 of 74

Question Marks

59 of 74

��Question Marks�

PLA has its weaknesses and limitations like limited combat experience, the inadequate capability to conduct joint operations, limited expeditionary capabilities, a new and mostly untested organisational structure and dependence on foreign suppliers for certain critical equipment and materials. PLA is aware of its shortcomings
Chinese cyber threat is often overstated and not placed into proper context, especially by the Americans. A well known China expert, Greg Austin, draws attention to factors such as:

Commercial lobbying and attention-seeking by American cybersecurity firms.
Media environment too receptive to cyberspace intrigues and anti-China rhetoric.
General lack of knowledge even among the highest decision-makers on the details and conduct of the US’s own cyber espionage and operations against China.

60 of 74

�Organisational Issues�

It is still not clear how the PLA will integrate the SSF’s cyber operations, which is mostly focused on espionage and offence, with the PLA’s cyber defence mission. The responsibility for PLA network protection remains with the Information Support Base under the Joint Staff Department’s Information and Communications Bureau. This arrangement is similar to USCYBERCOM and the Defense Information Systems Agency(DISA).
Does the SSF have the responsibility for the cyber defence of private, civilian and critical infrastructure networks? It is not clear from where the SSF would get the resource in terms of the personnel or capabilities to fulfil this role. The SSF would need to create this capability from scratch.
The coordination between SSF cyber defence and protection mission and the Ministry of Public Security and Cyberspace Administration of China, both charged with maintaining the security and defence of China’s critical information infrastructure, is not clear. To protect critical infrastructure security, China would face challenges in explaining roles and responsibilities and establishing necessary legal, procedural, and technical means of operational coordination and incident response. This would require a lot of maturity and foresight as civilian and military authorities' requirements are sometimes contradictory or overlapping.
PLA units responsible for operations planning have little experience in anticipating and balancing between the two missions of CNA and CNE. The PLA has not developed a doctrine for the use of force in cyberspace under which consistent judgments can be made in a crisis.
The PLA will have to decide critical issues about peacetime and wartime targeting, escalation in situations where peacetime and wartime divide is blurred, battlespace prepositioning and the viability and wisdom of utilizing cyber operations to achieve specific strategic military objectives.

61 of 74

Command and Control

SSF is under the direct command of the CMC rather than being commanded by theatre commands. The SSF will act as a service. It is not clear if the CMC will also treat it as an operational entity or how the CMC will operationalise forces that are under its administrative purview.

Theatre commands will not have operational authority over strategic level cyber units, electronic warfare units or space assets. These capabilities will be commanded directly by the CMC. This is contradictory to the logic that services focus on force construction rather than operations and warfare.

62 of 74

New theatre commands and subordinate service elements are likely to have their own cyber or network-electronic operations capabilities. This raises the following questions:�

Effectiveness of China’s SSF in overcoming the PLA’s organisational and technical weaknesses and integrating successfully China’s war-fighting capabilities to fulfill joint operations requirements on the modern battlefield especially beyond China’s near-seas, remains to be seen.

It is not clear what are the SSF’s precise responsibilities for kinetic counter-space capabilities like ASATs, directed energy weapons, lasers, and how it will coordinate with the PLA Rocket Force to win future informatised warfare.

The progress of China’s next-generation dual-use innovations like quantum computing, cyber-warfare, space-based ISR, directed energy devises, AI etc.

63 of 74

��China’s Limitations��

Hardware and Software. China still needs to depend on foreign corporations in most sub-fields of cyber core technologies. These companies all have core technology in some sub-fields. Eight U.S. companies which China terms “eight King Kongs”: Cisco, IBM, Google, Qualcomm, Intel, Apple, Oracle, and Microsoft, are identified by China’s state-run media as US government proxies that posed a “terrible security threat.”
Many Chinese experts believe that U.S. companies report to the U.S. government. They also feel that the United States can disrupt or corrupt the functioning of any device with U.S.-made software.
Most of China’s personal computers use pirated versions of Microsoft Windows operating systems. The extensive use of illegal software comes from unreliable sources. These pirated systems are harder to keep patched than their legal counterparts.
Network Management. Compared to U.S., China’s network management can be termed as between underdevelopment and modernity.
China’s internet is one of the most commonly attacked. China suffered the highest rate of distributed denial of service attacks (DDOS) globally in 2018, averaging over 800 million attacks per day. An increasing percentage came mostly from the U.S., South Korea and Japan. The attacks that targeted government and financial websites mostly outnumbered those on other targets.
China’s efforts to keep its “Great Firewall” provide indictors of its cyber competence level. The result is mixed. Internet users in China use diverse methods, including virtual private networks (VPNs), proxy servers and mirror sites of blocked pages hosted on U.S. cloud computing services to circumvent censorship.
Centralised structure of internet governance. It is difficult to disable internet in countries where different internet providers operate networks. It is much easier to paralyse the Chinese internet through sophisticated attacks.

64 of 74

Industrial Control Systems (ICS). China's Industrial Control Systems (ICS) are exposed to damaging attacks. Over 80% of China's economy and critical infrastructure involve some type of industrial control system. These systems are vulnerable to attack due to :

Operators have low security awareness and ICS are connected to the internet.
Chinese industry is heavily reliant on foreign suppliers for ICS and these suppliers have access to service or update software.

Space. China’s space systems face a variety of potential threats. China’s greater reliance on space brings increased vulnerability. The countries that are developing counter space capabilities could threaten Chinese satellites.
Cyber Range. China lacks a testing range for a simulation environment to prepare for and defend against cyber attacks.
Thinking on offensive aspects. China tends to inflate the effectiveness of cyber weapons. Chinese military experts overemphasise the positive benefits of offensive Information Warfare while downplaying the limitations. This selective analysis can adulterate the decision-making process.
China's writings on information warfare show a lack of thorough research and analysis on its use and consequences.
Chinese operational research on cyber warfare has also not reached a sufficient level of sophistication.

65 of 74

China’s Limitations and Vulnerabilities in Cyberspace

July 2019 defence white paper states, “Cybersecurity remains a global challenge and poses a severe threat to China.”

Most core network technologies and key software and hardware are dependent on U.S. companies, a potential weakness that an opponent could exploit.

Adequate priority is not given to cybersecurity investment and expertise.

As per the ICT Development Index (IDI), China is ranked 80th, 81st, and 82nd among 176 states in 2017, 2016 and 2015 respectively.

China’s integrated air-defense systems; maritime intelligence, surveillance, and reconnaissance systems and dual-use networks would be “obvious targets” for cyber operations in the event of a conflict.

66 of 74

Education

It is not clear about the status of the Academy of Military Science, National Defense University and National University of Defense Technology. The following questions emerge:

Will they continue to be directly under the CMC?
Will new academies be formed or former academies transformed into new entities based on personnel and force structure changes?
Will more NCO schools or more command academies be established?
What changes will occur in the PLA system of educational academies and schools?
Will the number of new students be reduced because of the 300,000-person reduction?
Will PLA-wide guidance be issued establishing education and experience requirements for officers to be considered qualified as joint officers?

67 of 74

What Can India Do

Gain and maintain software advantage. Quality of software will determine our primacy in collecting and analysing information, developing operating picture, thwarting enemy attacks, identifying opportunities in time and space to most effectively attack and helping with target selection.
Constellation of low cost space based assets can play a critical role in defending against missile attack particularly hypersonic missiles.
Create a career field of military pers for software developers, data scientists, AI engineers.
Ensure resilience in our ability to sense, communicate, attack and supply.
Undermine adversary’s censorship system.
Undermine adversary command system.
Evolve deliberate war planning
Implement public private partnership model between the government, industry, academia, investors and civil society.

68 of 74

RECOMMENDATIONS

69 of 74

CONCLUSION

70 of 74

Amos Yadlin , Executive Director of Tel Aviv University's Institute for National Security Studies (INSS) and former IDF's chief of Military Intelligence

As a fighter pilot, I have a great deal of respect for airpower but it cannot determine the battle on its own and neither can the cyber realm. It is an important realm, but not one that can replace the physical dimension or combat. With all due respect to the cyber realm at the end of the day, we need soldiers on the mountaintops to finalise matters….. As to the future of the cyber realm, it may be that ‘winter is coming,’ or a Pearl Harbor, but we aren’t there yet.

How it could be if the cyber realm is such a powerful dimension, that the Russians have already been fighting in Syria for three years and have not yet decided the campaign? How have the Americans been fighting in Afghanistan for 17 years?”