Introduction
The PLA expects to fight intense short wars that will be very decisive. The ability of military forces to communicate and coordinate rapidly through Command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) networks means that military forces in Local Wars at the operational level will be agile, capable of high-tempo deep operations, resource-intensive, critically dependent on information and present in all warfare domains. China’s military modernisation is underway, with the new PLA organisations aiming to establish a national and a theatre-level HQ for ground forces, turning the Second Artillery department into a full-fledged service, and creating a Strategic Support Force to manage the information domain including space, cyber and electronic warfare activities. This process started in 2015 and will end only in 2020 or later. The Central Military Commission (CMC) has been restructured in 15 departments and commission, the seven military regions have been reorganised into five geographical-operational theatre commands and each branch of the Army has been reorganised as a service HQ for the forces, to separate the administrative services from the operational dynamics. The reforms also aim to reduce manpower in the Chinese military.
PLA Theory on Modern Warfare
The PLA envisions future conflicts under the conceptual umbrella of Integrated Network Electronic Warfare or INEW. It combines coordinated use of computer network operations (CNOs), electronic warfare (EW) and kinetic strikes designed to paralyse an enemy’s networked information systems, by creating “blind spots” against an adversary’s C4ISR systems. The PLA’s C4ISR programmes support the ground forces, navy, air force, missile forces, nuclear doctrine, and space warfare. Its operational concepts for employing traditional signals intelligence and electronic warfare have expanded to include cyber warfare; kinetic and cyber attacks on satellites; and information confrontation operations across the electromagnetic spectrum. The PLA, under the “Integrated Network Electronic Warfare” doctrine, has been paying significant attention to information warfare in the past 10-15 years, not only looking at Cyber Warfare, but also battlefield Electronic Warfare (EW).
Chinese EW doctrine emphasises using electromagnetic spectrum weapons to suppress or deceive enemy electronic equipment. PLA EW strategy focuses on radio, radar, optical, infrared and microwave frequencies, in addition to adversarial computer and information systems. The Chinese see EW as an important force multiplier and would likely employ it in support of all combat arms and services during a conflict. PLA EW units have conducted jamming and anti-jamming operations, testing the military’s understanding of EW weapons, equipment, and performance, which helped improve their confidence in conducting force on force, real equipment confrontation operations in simulated EW environments.
PLA strategists regard the ability to utilise space and deny adversaries access to space as central to enabling modern, information warfare. Although PLA doctrine does not appear to address space operations as a unique operational “campaign,” space operations form an integral component of other PLA campaigns and would serve a key role in enabling A2/AD (anti access / area denial) operations.
PLA has increasingly moved toward an operational construct that blends cyberspace operations with kinetic operations, creating a form of “cyber-kinetic strategic interaction.” The goal would be to blind, disrupt or deceive adversary C4ISR systems while almost simultaneously deploying its formidable conventional strike, ballistic missile, and maritime power projection forces. The PLA envisions this operational concept as “integrated network electronic warfare,” described by Michael Raska as the “coordinated use of cyber operations, electronic warfare, space control, and kinetic strikes designed to create ‘blind spots’ in an adversary’s C4ISR systems.”
The PLA has recently described this as a form of “network swarming attacks” and “multi-directional manoeuvring attacks” conducted in all domains – space, cyberspace, ground, air, and sea. The Strategic Support Force has been designed to provide these integrated operations, employing electronic warfare, cyberspace operations, space and counter-space operations, military deception and psychological operations working jointly with long-range precision strike, ballistic missile forces and traditional conventional forces.
Three Warfare and information Warfare
To set the strategic stage of the conflict, the “Chinese People’s Liberation Army Political Work Regulations” which were promulgated in 2003, sets forth among the tasks of political work, the task of the “three warfares” — psychological warfare, public opinion warfare, and legal warfare.
Psychological Warfare seeks to undermine an enemy’s ability to conduct combat operations through operations aimed at deterring, shocking, and demoralising enemy military personnel and supporting civilian populations.
Media Warfare is aimed at influencing domestic and international public opinion to build support for China’s military actions and dissuade an adversary from pursuing actions contrary to China’s interests.
Legal Warfare uses international and domestic law to claim the legal high ground or assert Chinese interests. It can be employed to hamstring an adversary’s operational freedom and shape the operational space. Legal warfare is also intended to build international support and manage possible political repercussions of China’s military actions.
The PLA’s operational hierarchy of combat consists of three major levels: war, campaigns and battles, each of which is informed, respectively, by a distinct level of operational guidance – namely strategy, campaign methods, and tactics. Three Warfares can be identified primarily as a campaign method with secondary, mostly strategic but also tactical applications. The PLA’s combination of psychological warfare; the manipulation of public opinion, or media warfare and the manipulation of legal arguments to strengthen China’s diplomatic and security position, or what China calls
“legal warfare,” join together in a comprehensive information operations doctrine.
C4ISR
As per the US DoD 2016 report, China continues to prioritise C4I modernisation as a response to trends in modern warfare that emphasise the importance of rapid information sharing, processing and decision-making. The PLA seeks to modernise itself both technologically and organisationally to command complex, joint operations in near and distant battlefields with increasingly sophisticated weapons.
The PLA views technological improvements to C4I systems as essential to improve the speed and effectiveness of decision-making while providing secure and reliable communications to fixed and mobile command posts. The PLA is fielding advanced automated command systems like the Integrated Command Platform (ICP) to units at lower echelons across the force. The adoption of the ICP enables multi service communications necessary for joint operations. These C4I advancements are expected to shorten the command process. The new technologies introduced into the PLA enable information sharing — intelligence, battlefield information, logistical information, and weather reports on robust and redundant communications networks, to improve commanders’ situational awareness. In particular, the transmission of ISR data in near real-time to commanders in the field could facilitate the commanders’ decision-making processes and make operations more efficient.
These technical improvements have greatly enhanced the PLA’s flexibility and responsiveness. “Informationised” operations no longer require in person meetings for command decision making or labor intensive processes for execution. Commanders can issue orders to multiple units at the same time while on the move and units can rapidly adjust their actions through the use of digital databases and command automation tools. The PLA also seeks to improve its C4I capabilities by reforming its joint command institutions at the national and regional levels.
Strategic Support Force (SSF)
The PLA Strategic Support Force (PLASSF) was created on 31 December 2015 as a newest branch of the People’s Liberation Army (PLA). Introduced as part of China’s military organisational reform, the PLASSF is not a full service branch, but an independent service arm under the direct leadership of the Central Military Commission (CMC). SSF is responsible for the PLA’s space, cyber, and electronic warfare missions. Functionally and structurally, the SSF operates like the former Second Artillery Force and is an umbrella entity for electronic, information, and cyber warfare. This reform postures the PLA to conduct “local wars under informationised conditions” in support of its historic mission to “secure dominance” in outer space and the electromagnetic domain. Network (or cyberspace) forces are now alongside electromagnetic, space, and psychological operations forces and better organised to conduct integrated operations jointly with air, land, and sea forces. The establishment of the SSF disrupts traditional roles, relationships, and processes. It also disrupts power relationships within the PLA and between the PLA and the CCP. It challenges long-held organisational concepts, and is occurring in the midst of other landmark reforms, to include the establishment of new joint theatre commands. However, if successful, it would improve information flows in support of joint operations and create a command and control organisation that can develop standard operating procedures, tactics, techniques, procedures, advanced doctrine, associated training, along with driving research and development toward advanced capabilities. The force appears to have a staff department, equipment department, political department, and, presumably, a logistics department. More operationally, the force appears to have headquarters components for its space and cyber forces, embodied in the Space Systems Department (SSF-SSD) and Network Systems Department (SSF-NSD) respectively. The SSF may create or may already have an Electronic/Electromagnetic Systems Department (ESD) for its electronic warfare force.
SSF will be composed of three separate forces or force-types: space troops, cyber troops and electronic warfare forces. The cyber force would be composed of “hackers focusing on attack and defence,” the space forces would “focus on reconnaissance and navigation satellites,” and the electronic warfare force would focus on “jamming and disrupting enemy radar and communications.” This would allow the PLA to “meet the challenges of not only traditional warfare but also of new warfare centred on new technology” (Global Times, January 16, 2017).
The SSF will draw from forces previously under the General Staff Department’s (GSD) subordinate organs, to include portions of the First Department (1PLA, operations department), Second Department (2PLA, intelligence department), Third Department (3PLA, technical reconnaissance department), Fourth Department (4PLA, electronic countermeasure and radar department), and Informatisation Department (communications).
If information is power, then the GSD Third Department represents one of the most powerful bureaucracies in China today. Among its sources of strength is the country‘s largest pool of well trained linguists specialised in niche areas, such as banking and financial transactions, military activities, energy and diplomatic exchanges. The combination of Signals Intelligence (SIGINT) and Computer Network Exploitation, fusing transcripts of phone conversations with intercepted email exchanges, would enable a powerful understanding of plans, capabilities and activities of an organisation or individual in near real time. Key word and voice recognition technology and large data bases permit greater efficiency in collection directed against specific targets. Advanced computing facilitates breaking of all but the most sophisticated encryption and passwords. The linkage between CNO and PLA psychological warfare training units appears reasonable. Monitoring of communications, email accounts, websites, and internal networks could support sophisticated perception management operations. SIGINT, or technical reconnaissance in PLA lexicon, advances the interests of the Chinese Communist Party (CCP) and the People’s Republic of China (PRC).
The PLA’s SIGINT community consists of at least 28 technical reconnaissance bureaus (TRBs). The GSD Third Department has direct authority over 12 operational bureaus, three research institutes, and a computing centre. Eight of the 12 operational bureau headquarters are clustered in Beijing. Two others are based in Shanghai, one in Qingdao, and one in Wuhan. Ten additional TRBs provide direct support to the PLA’s seven military regions (MRs), while another six support the PLA Navy (PLAN), Air Force (PLAAF), and Second Artillery Force (PLASAF).
Organizations Associated With Computer Network Defense
- PLA’s Information Engineering University is the Third Department’s training vehicle.
- PLA Communications Security Bureau China.
- North Computation Center Third Department Computing Center .
- National Research Center for Information Security Technology (Network Risk Assessment).
- PLA Information Security Evaluation and Certification Center.
- Information Security Research Institute National Information Center (affiliated with science and technology equipment)
- National Information Security Engineering Technology Center.
Organization of the Operational
Bureaus of the Third Department.
- 1st Bureau (61786 Unit) — decryption, encryption, information security.
- 2nd Bureau (61398 Unit) — US and Canada focus.
- 3rd Bureau (61785 Unit) — line of sight radio communications, direction finding, emission control.
- 4th Bureau (61419 Unit) — Japan and Korea focus.
- 5th Bureau (61565 Unit) — Russia focus.
- 6th Bureau (61726 Unit) — no mission given; Wuhan U. network attack and defense center is located in this area of operation.
- 7th Bureau (61580 Unit) — some computer network attack and computer network defense, some work on the US network-centric concept, psychological and technical aspects of reading and interpreting foreign languages.
- 8th Bureau (61046 Unit) — Western and Eastern Europe, Middle East, Africa, Latin America.
- 9th Bureau (unknown Unit) — strategic intelligence analysis/data base management, the most opaque bureau.
- 10th Bureau (61886 or 7911 Unit) — Central Asia or Russia, telemetry missile tracking, nuclear testing.
- 11th Bureau (61672 or 2020 Unit) — Russia.
- 12th Bureau (61486 Unit) — satellites, space-based signals intelligence (SIGINT) collection.
Western Theatre Command (WTC)
After the modernisation the WTC has emerged as the largest theatre and has complex terrain including desert and high mountains, long borders and challenging social conditions. Theatre missions include supporting the People’s Armed Police Force maintaining internal stability in the restive Tibet and Xinjiang regions. Disaster relief requiring liaison with civilian organisations is also an important theatre mission. External responsibilities include responding to possible unrest in Central Asia under the auspices of the Shanghai Cooperation Organisation (SCO). However, the WTC’s primary strategic direction is India and the contested border regions (Xinhua, August 18, 2014; China Military Online, March 3, 2016).
Tibet Military Command/Military District in the WTC has been elevated by one level compared to other provincial level military districts and placed under the PLA Army (PLAA). An article in The Global Times reported that the Tibet Military Command will be responsible for operations against India, at least in the Arunachal Pradesh area, training forces for specialised high-altitude mountain warfare and long-range mobility for such a contingency (Global Times, May 13, 2016). However, Army command would appear to usurp the theatre’s command responsibility. The Xinjiang Military District is also under PLAA command. The current reforms and reorganisation make the services responsible for force development and training their respective forces, which would appear to include the Army commands in the Tibet and Xinjiang Military Districts. Since the WTC has a difficult internal mission, the Army might additionally be responsible for internal missions in Tibet and Xinjiang, acting as an intermediate command level for the theatre, which would have a daunting span of control if widespread unrest occurred in both areas, compounded by an external crisis.
The WTC headquarters includes a joint operations command centre also located in Chengdu. The theatre Army Headquarters is in Lanzhou. The new Strategic Logistics Support Force has subordinate Joint Logistics Support Centres in each theatre, with one in Xining for the WTC. The WTC can deploy subordinate PLAA and PLAAF units, and request additional forces from the CMC if required.
The WTC would have to coordinate operations with the responsible command for naval operations against India. The WTC focuses on relevant campaign scenarios to train troops for potential combat operations. PLA publications detail several campaigns that the WTC could conduct including antiterrorism, stability maintenance operations to combat internal unrest; joint border counterattack campaigns to defend against an attack and regain lost territory; mountain offensive campaigns; and joint fire strike campaigns usually supporting another campaign, but also an independent campaign (Global Times, September 5, 2012).
GhostNet
China has been conducting cyber operations against India for a long time. One of the earlier examples was the GhostNet episode.
Ross Anderson, at Cambridge University, and Shishir Nagaraja at the University of Illinois, wrote: “The office of the Dalai Lama started to suspect it was under surveillance while setting up meetings between His Holiness and foreign dignitaries. They sent an email invitation on behalf of His Holiness to a foreign diplomat, but before they could follow it up with a courtesy telephone call, the diplomat’s office was contacted by the Chinese government and warned not to go ahead with the meeting.” Between June 2008 and March 2009, the Information Warfare Monitor conducted an extensive and exhaustive two phase investigation focused on allegations of Chinese cyber espionage against the Tibetan community. GhostNet, had penetrated 103 countries and infected at least a dozen new computers every week. This global web of espionage has been constructed in two years. The research team found a wide-ranging network of compromised computers. This extensive network consisted of at least 1,295 infected computers in 103 countries. Significantly, close to 30% of the infected computers could be considered high value and include the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan; embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan; the ASEAN (Association of Southeast Asian Nations) Secretariat, SAARC (South Asian Association for Regional Cooperation), and the Asian Development Bank; news organisations; and an unclassified computer located at NATO headquarters.
The GhostNet system directed infected computers to download a Trojan known as ghost RAT that allowed attackers to gain complete real time control. These instances of ghost RAT were consistently controlled from commercial Internet access accounts located on the island of Hainan, People’s Republic of China. GhostNet was capable of taking full control of infected computers, including searching and downloading specific files and covertly operating attached devices, including microphones and web cameras.
The Key Findings of the investigation were :
- GhostNet infected at least 1,295 computers in 103 countries, of which close to 30% can be considered as high value diplomatic, political, economic and military targets.
- GhostNet penetrated computer systems containing sensitive and secret information at the private offices of the Dalai Lama and other Tibetan targets.
- Documentation and reverse engineering of the modus operandi of the GhostNet system including vectors, targeting, delivery mechanisms, data retrieval and control systems revealed a covert, difficult to detect and elaborate cyber-espionage system capable of taking full control of affected systems.
Conclusion
China has developed its electro magnetic warfare capabilities keeping in mind USA as its main adversary. It has very judiciously concentrated on those specific aspects which it thought would give it asymmetric advantage. China is still well behind USA in electro magnetic battlefield, but it is catching up. However, against India it has massive advantage. China has already undergone drastic changes in its doctrine and concept of warfare, organisation, training, human resource management and financial allocation in niche technology areas. Government of India and Indian armed forces must move fast to confront China in electromagnetic battlefield in any eventual conflict scenario. At this present juncture India has much to do to catch up.
(Maj Gen PK Mallick, VSM (Retd.)has been a Senior Directing Staff (SDS) at National Defence College, New Delhi. He is an expert in Cyber Warfare, SIGINT and Electronic Warfare.)
(This article is carried in the print edition of September-October 2017 issue of India Foundation Journal.)