In a future war with the United States, China likely would first use cyberweapons to attack computer networks of U.S. forces in the Pacific rather than strike with conventional arms, according to a congressional report Thursday.
The cyberattacks would aim to disrupt the electronic systems on which U.S. Pacific Command relies for communications, command and resupply, impeding its ability to fight back against the People’s Liberation Army (PLA), says a report for the U.S.-China Economic and Security Review Commission.
“PLA analysts consistently identify logistics and [communications, command and control] infrastructure as U.S. strategic centers of gravity, suggesting that PLA commanders will almost certainly attempt to target these systems [with cyber-weapons], likely in advance of actual combat to degrade [U.S.] capabilities in a conflict,” the report states.
The report, prepared by analysts for defense contractor Northrop Grumman Corp., also says such attacks would take advantage of confusion over U.S. policies on how to respond to anonymous attacks over the Internet.
“Even if circumstantial evidence points to China as the culprit, no policy currently exists to easily determine appropriate response options to a large-scale attack on U.S. military or civilian networks in which definitive attribution is lacking,” says the report.
“Beijing, understanding this, may seek to exploit this gray area in U.S. policymaking and legal frameworks.”
The report notes that a successful cyberattack might not become apparent until after it is over or, worse, until conventional fighting has begun, as critical networks fail or become unreliable.
It is not just military networks that might fail as a result of Chinese cyberwarfare, the report warns.
The PLA’s close ties to large Chinese telecommunications firms mean China’s military has opportunities to penetrate the supply networks for electronic components used by the U.S. government and private industry as well as the U.S. military, building secret “back doors” or booby traps into vital systems.
Penetrating the U.S. telecommunications supply chain in this way would be complex and difficult, the report notes. But a successful attack would “cause a catastrophic failure of select systems and networks supporting critical infrastructure for national security or public safety,” it says.
The report, based on publicly available Chinese official and academic publications, says the PLA has been conducting military exercises that include cyberoperations in an effort to better integrate cybercapabilities into its war-fighting.
“PLA exercises increasingly include network attack, network defense, electronic countermeasures, and psychological operations operating alongside ground, naval, air, and strategic missile forces,” the report states.
The report says U.S. Transportation Command (Transcom) would be another likely target of any pre-emptive Chinese cyberstrike in the Pacific.
Transcom is the military command that provides cargo and logistics support to the nation’s armed forces - moving troops, equipment and supplies into and out of war theaters. It also provides midair refueling for U.S. aircraft.
Transcom’s computer systems have to run on unclassified networks because they are integrated with commercial airlift providers. The global system that manages midair refueling missions, for instance, is based on the Internet and could be susceptible to penetration by Chinese hackers, the report says.