Log in to get started!

Don't have an account yet? You can create one below.

Student Instructor

Cyber Clash with China

Chinese Soldiers
A magnifying glass over a segment of code with a map of China overlaid on top of it

“Right now, we’ve got about three billion people online, and they are using anywhere from five to fifteen million devices. And all of these devices are connected and all those connections represent doors … Most of these devices have vulnerabilities in them, and so that creates backdoors, and somebody’s going to find them.”


— Dorothy E. Denning, distinguished professor at the Naval Postgraduate School, October 9, 2015

2.1 The Issue

Cyberspace is a new domain of conflict, one guided by few accepted rules or standards of behavior. Policymakers find offensive cyber operations attractive because they are relatively inexpensive, can be designed to be less destructive than kinetic strikes (i.e., those against physical targets), and can provide a high degree of anonymity to the attacker. The vast majority of these operations includes cyber espionage (theft of military and political secrets or intellectual property) and political disruptions (website defacement or distributed denial of service [DDoS] attacks that flood a website with so much data that it can no longer respond).

The White House’s 2011 International Strategy for Cyberspace warns that “the United States will respond to hostile acts in cyberspace as we would to any other threat to our country.” However, although experts generally assume that a cyberattack that caused death or physical destruction would be considered an armed attack, the threshold for a military response to other forms of cyberattack remains uncertain. Indeed, cyberspace is marked by high strategic instability. Defending against cyber threats is extremely difficult. Would-be defenders need to worry about millions of lines of computer code, hundreds of devices, and scores of networks, but an attacker need find only one vulnerability.

Moreover, attribution of cyberattacks is difficult and slow, which makes them different from other weapons. Attackers can hide their tracks with relative ease, and the attacks can happen in minutes, if not seconds. Many countries rely on proxies, criminal groups, or patriotic hackers to conduct operations: even if the location of the hackers can be determined, anyone anywhere could have authorized the attack. This conundrum greatly complicates efforts to retaliate and prevent attacks.


Successful attacks are also likely to risk escalation. If, based on past trends, military leaders fear that their networks or weapons systems could be subjected to cyberattacks—which would limit their ability to order forces in the field or to launch weapons—they would have an incentive to use their weapons systems preemptively; such a move would escalate and further destabilize a conflict.

Decision Point

NSC Meeting

China, Taiwan, Vietnam, Malaysia, Brunei, and the Philippines have competing territorial claims in the South China Sea. In recent years, China has exerted authority over the area by increasing the size of existing islands or creating new ones, as well as by constructing ports, military installations, and airstrips. The United States has promoted the right of military vessels to operate in China’s claimed two-hundred-mile exclusive economic zone and has rejected China’s claim to a twelve-mile territorial zone around the artificial islands it has built. Since 2015, the United States has signaled its opposition by flying military aircraft and sending U.S. Navy ships near certain islands.

Last week, the U.S. Air Force conducted a flight near a shoal claimed by China in the South China Sea. Three days later, the Nasdaq Stock Market suffered a hack that damaged computers and forced the suspension of trading for two days, imposing significant costs on various U.S. companies and denting confidence in the U.S. financial system. The Zheng He Squadron, an underground hacker collective based in China, has claimed responsibility for the hack. The group has known ties to the People’s Liberation Army, China’s military. U.S. intelligence agencies assess with 90 percent certainty that the hack occurred with the knowledge or support of parts of the Chinese government. Beijing, however, claims no knowledge of the attack. The president has convened the National Security Council to discuss how the United States should respond.

GO TO SECTION 3.1

You are currently previewing the Cyber Clash with China Basic case.

View Full Basic Case View Advanced case Build a Simulation