China’s Evolving Cybersecurity Strategy

By: Annie Kowalewski, Columnist

Photo Credit: Cyberwar News

After the Communist Party of China’s 19th Party Congress concludes this week, only 17% of the original military leadership is expected to remain in power—the most extensive military reshuffle since Mao Zedong.[i] Much of this reshuffle and recent Chinese People’s Liberation Army (PLA) modernization focuses on transitioning the PLA into a military capable of “fighting and winning informationized wars,” or wars that expand beyond the traditional kinetic domains. This article will consider China’s threat perceptions in the cyber space and the PLA’s evolving doctrine, training, and organization in the cyber realm.

Chinese Threat Perceptions

Chinese national security strategy emphasizes the defensive and offensive uses of cyber to guard Chinese society against foreign penetration and gain an asymmetric advantage against a technologically superior adversary. Fundamentally, China views its strategic position as one that is vulnerable to domestic instability instigated by foreign influencers. The 2015 Science of Military Strategy (SMS) paper emphasizes the dangers of “penetration and subversion” from the West and the need to “guard against cultural erosion.”[ii] Doing so requires protecting China’s cyber sphere.

Externally, the SMS describes the international security environment as multipolar, with several large powers vying for influence, which expands the depth of geostrategic competition.[iii] That is, the international community is no longer dominated by two great powers vying for hegemony, so the main threats to Chinese national security are small-scale conflicts and geostrategic competition in different spheres of influence. The SMS then details cyber space as a “new commanding height in strategic competition.”[iv] Such a view reveals that China sees an opportunity to gain an advantage against other large powers in, and beyond, the cyber domain.[v] This asymmetric capability can be used for deterrence purposes, gaining an economic advantage, or even “winning wars” without actually fighting.[vi] That is, an overwhelming defensive and offensive Chinese cyber capability can stop the threat of foreign influence and intervention via the threat of use, such as attacks on critical infrastructure, or by undermining an opponent’s ability to organize by striking before an opponent can attack. China thus views cyber as both a necessary defensive capability and as a weapon that can be utilized during both peacetime and war.

Chinese Evolving Cybersecurity Doctrine and Military Modernization

To counter these threat perceptions, China announced a new set of military reforms in December 2015 that transform the PLA’s doctrine, organization, and training to integrate cyber at the core of its operations.


Today, China’s 2016 National Cybersecurity Strategy and 2016 Cybersecurity Law focus on protecting Chinese domestic networks while Chinese military texts discuss offensive cyber capabilities. The Cybersecurity Strategy and Law emphasize “cyberspace sovereignty” as “an important part of state sovereignty” and allows the Chinese Government to use “whatever means necessary—scientific, technological, legal, diplomatic or military—to ensure cyber sovereignty.”[vii] Meanwhile, the SMS stresses the importance of “expedit[ing] the development of a cyber force and enhance its capabilities of… cyber defense.”[viii] This paper was the first official acknowledgement of China’s commitment to building a military cyber force with the ability to engage in offensive cyber operations.[ix] However, this is a relatively new concept in official Chinese military texts and it is unclear how developed, if at all, this doctrine is to China’s military thinking regarding its offensive cyber capabilities.


China’s commitment to cybersecurity and the cyber domain as part of its larger view of integrated warfare is not just a budding strategy, but also directs PLA modernization and reform. The most notable organizational restructuring is the creation of the PLA Strategic Support Force (SSF), which provides “strategic support”—or information support in the space, cyber, and electromagnetic domains—to the PLA.[x] The SSF consolidated previous PLA branches that oversaw information, space, intelligence, surveillance, and reconnaissance support, and created a separate military branch equal to that of the Air Force, Navy, and Army. What the establishment of the SSF makes clear is that the PLA views information dominance and cyber as not just a supplementary or supportive part of its warfighting capabilities, but an integral necessity to the PLA’s overall effectiveness.

On the domestic side, the PLA-authorized forces in the Ministry of Public Security (MPS) focused on “supervis[ing] public information networks”, protecting Chinese cyber sovereignty, and engaging in cyber espionage, which reveals China’s commitment to developing its cyber capabilities for both peacetime and war.[xi]


Cyber is also integrated into Chinese military training and recruitment, where “cyber warriors” are first trained at military institutions then trained in computer network operations as part of their military exercises afterwards.[xii] From the 2015 US Office of Personnel Management data breach to current rumors about China attempting to hack missile defense systems in South Korea, Chinese offensive cyber capabilities are notorious worldwide.[xiii] However, given the lack of successful Chinese operations targeting critical infrastructure targets or command centers, it is difficult to assess whether China has the human resources and adequate training to successfully carry out cyber-attacks on military operating centers. Such uncertainty highlights an important conclusion regarding China’s cyber capabilities. China has yet to fully implement a comprehensive cyber agenda and is currently grappling with how to best utilize defensive and offensive cyber operations in peacetime and war. However, China’s elevation of the SSF as a military branch equal to that of the PLAN, PLAAF, and PLARF and the integration of an offensive cyber force in Chinese military strategy suggest that cyber remains a crucial component of future Chinese defense and power projection.

[i] Cheng Li, “Why China’s military facelift ahead of the Party Congress could be a sign of bigger changes,” Brookings Institution, October 10, 2017,

[ii] “Full text: China’s Military Strategy,” USNI News, May 26, 2015,

[iii] “Full text: China’s Military Strategy,” USNI News, May 26, 2015,

[iv] “Full text: China’s Military Strategy,” USNI News, May 26, 2015,

[v] McReynolds, Joe, “China’s Military Strategy for Network Warfare,” in China’s Evolving Military Strategy, Washington, DC: Jamestown Foundation, 2016.

[vi] Hjortdal, Magnus, “China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence,” Journal of Strategic Studies, Vol 4(2), 2011,

[vii] China announces cybersecurity strategy,” The Global Times, December 27, 2016,

[viii] “Full Text: China’s Military Strategy,” Ministry of National Defense, May 26, 2015,

[ix] Kania, Elsa, “China’s Military Strategy: A Cyber Perspective,” Real Clear Defense June 3, 2015,,

[x] Kania, Elsa, “PLA Strategic Support Force: the Information Umbrella for China’s Military,” The Diplomat, April 1, 2017,

[xi] “Ministry of Public Security,” The State Council of the People’s Republic of China, Accessed October 20, 2017,

[xii] Fallows, James, “U.S.-China Cyber War Scenario in the Eyes of a Chinese Student,” The Atlantic Magazine, February 8, 2011,

[xiii] Adams, Michael, “Why the OPM Hack is far Worse Than You Imagine,” Lawfare, March 11, 2016, Gallagher, Sean, “Researchers claim China trying to hack South Korean Missile Defense Efforts,” ARS Technica, April 21, 2017,

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.