In recent years, China has been found to be enlisting the services of more and more “white hat” hackers—those cybersecurity experts tasked with discovering and patching software vulnerabilities—to improve its cyberattack capabilities. This is quite a shift for Beijing: using domestic talent to improve its offensive cyber operations. Cyber-attacks with suspected Chinese involvement have surged after 2021, when Beijing started mandating reporting on software vulnerabilities to the government.
The development has worried cybersecurity experts worldwide, who now feel that China’s mix of state-mandated vulnerability disclosures and cyber offensives squarely places nations, especially the ones with critical infrastructure, at a heightened risk.
Cyber Threat Landscape Escalates
Reports indicate that China is attempting to position itself as a cyber warfare key player. The U.S. Cybersecurity and Infrastructure Security Agency issued an alert last month, warning of increased cyberattacks against critical infrastructure as the risk of potentially crippling attacks from Chinese hackers rises. Such an overall shift from simple espionage towards disruption and dangerous cyber operations may signal the opening rounds of a China-U.S. cyber conflict.
While both parties have agreed that it is important to discuss cyber issues, efforts to put in place effective bilateral crisis management mechanisms between the two countries have been sluggish. Earlier efforts at such discussions, which include pacts from the 2015 summit meeting at the White House between President Obama and Xi Jinping, did not create a significant amount of cooperation. The Biden administration meanwhile warnings have also not dissuaded China from engaging in cyber activities.
A History of Cyber Espionage
The rise of cyberattacks has always been linked to China, right from sensitive technology theft to the misuse of private data. Beijing has been trying to further its strategic interests with its cyber might. A case in point of how sophisticated the capability of China is in this sphere is the hijacking of the self-diagnostic system of the F-35 Joint Strike Fighter way back in 2009.
As tensions rise between the U.S. and China, one of the defining features of their technological rivalry involves cyber espionage. Knowing that these cyber exploits might affect critical infrastructure, more than ever, the reality could not be gripping. Cyber interference is placed on an unprecedented level of concern with next year’s U.S. elections.
International Repercussions and the Imperative for Dialogue
But China’s cyber activities go beyond their rivalry with the U.S. Hackers linked to Beijing have been implicated in several incidents globally, from efforts to influence elections to destabilize democratic institutions. All of this—alongside a growing reliance on white hat hackers—signals a broader strategy of leveraging cyber expertise for both domestic and international objectives.
This is not without precedent. In 2015, China joined the drafting of a UN note that recommended states not intentionally direct cyber-attacks against critical infrastructure. However, trust remains a large stumbling block to meaningful cooperation between the U.S. and China in this domain.
Experts also suggest that bilateral forums on cyber crisis management could be one way forward. Opaque channels of communication at least between the military establishments of the two countries can help minimize the threats of cyber warfare
The Convergence of AI and Cybercrime
The growing intersection of artificial intelligence with cybersecurity further complicates the landscape. While there has been some recent success in U.S.-China dialogues that articulate principles for the development of AI, much work remains. AI and cyber are inextricably linked, and any meaningful progress in one will likely have quite a few implications for the other.
Both countries are spending against AI and cyber, one has to be the loser. If AI does end up enhancing cyber, which probably will be the case, that adds yet more to the heady mix. That may mean that collaborative efforts in AI development could pave the way for more robust cybersecurity dialogues between the U.S. and China, which would clearly contribute to global stability.
The mobilization of white hat hackers by China marks a turning point in cyber strategy with implications for global cybersecurity. There is no denying that cyber war will be an essential part of the complex relationship between the U.S. and China. The world has never needed dialogue and cooperation more, but it will also be hard to come by, considering the huge trust barriers that need to be overcome. Meanwhile, the two superpowers continue to define the future of cybersecurity and international relations.