The People's Republic of China. The United States of America.
There are many other actors in the global cyberwar, from nation states to criminal organizations to hacktivist groups. Today, however, we're going to just focus on China vs. the U.S. It's a war both undeclared and unwinnable, but very, very real.
This weekend, we saw yet another report about China hacking American systems. This time, the Chinese attackers apparently managed to breach our weapon systems designs.
As our own Charlie Osborne reports, "Over two dozen weapon system designs were compromised...These systems are 'critical' to U.S. missile defenses, and also relate to military systems present on U.S. aircraft and ships."
I've talked at length about China. See a list of recent articles about China's troublesome behavior at the end of this article. Back in 2010, I asked, Is China gearing up to start World War III?
As I've had more time to study the behavior of the PRC, I've come to believe that China isn't necessarily gearing up to start World War III, but they are planning for how they might win it, should our two nations find ourselves in a shooting war.
Applying Sun Tzu's lessons
There are many translations of Sun Tzu's wisdom, but for today's exploration, I'll use the MIT Internet Classics Archive version. Let's look at a few of the general's sayings, and then think about how they might apply to our current situation.
Sun Tzu said, "Though the enemy be stronger in numbers, we may prevent him from fighting. Scheme so as to discover his plans and the likelihood of their success." This is ideally applicable to cyberwarfare. China has conducted an ongoing, unrelenting campaign to penetrate our systems, both military and industrial. If that's not "Scheme so as to discover his plans," I don't know what is.
Sun Tzu said, "Rouse him, and learn the principle of his activity or inactivity. Force him to reveal himself, so as to find out his vulnerable spots." China's constant penetration attempts certainly show a pattern of behavior, particularly in helping them not to only identify our cybersecurity weaknesses, but once inside, the weaknesses of the systems our cybersecurity is tasked to defend.
Sun Tzu said, "Carefully compare the opposing army with your own, so that you may know where strength is superabundant and where it is deficient." This is another variation of the previous discussion. Sun Tzu strongly recommends understanding the strengths and weaknesses of the enemy, and China's espionage attempts in the cyber realm are undoubtedly giving them a better view into our strengths and weaknesses than any of our generals would like.
Sun Tzu said, "What enables the wise sovereign and the good general to strike and conquer, and achieve things beyond the reach of ordinary men, is foreknowledge. Now this foreknowledge cannot be elicited from spirits; it cannot be obtained inductively from experience, nor by any deductive calculation. Knowledge of the enemy's dispositions can only be obtained from other men. Hence the use of spies."
Sun Tzu actually defines five different types of human spies, but there's no doubt in my mind that if Sun Tzu lived in our times, he'd fully advocate cyberespionage. After all, a cyberpenetration doesn't require a human to enter a remote location, a hack can stay there for years without needing food or sleep, and nobody dies (or can be tortured to tell tales) if discovered.
Next, Sun Tzu and our reliance on advanced warfighting technology...