Checkers, Chess and 围棋 (Wéiqí – aka Go): When It Comes to Games in Cyberspace, China May Be the Master
Checkers is the ultimate game of tactical engagement where two competitors push their forces forward in the attempt to conquer his foe by capturing all of his pieces. The game bears similarities to early combat where two armies stood in front of one another taking turns attacking until one side folded. Chess is a more strategic option. Whereas checkers perhaps best exemplifies a single engagement of a battle, chess represents the entire battle, requiring a strategic vision that is executed by moving pieces of different capabilities against an equal opposition force. Multi-dimensional thinking is required as pieces are moved in joint operations, the goal of which is to trap the opponent’s king. These two games are well known and socialized in the United States, and like it or not, both have been likened to military conflict especially as they embody the principles of warfare, involving a struggle of wills, movement, engagement, and protection.
However, there is a third game that also bears attention. Played by the Chinese, Go (also known as Wei Ch’i or Wei Qi) is an abstract game in which the goal is for one of the competitors to surround more territory than his opponent. It is a game that strives for competitive advantage requiring competitors to strategically look beyond the board and anticipate moves that seek to gain territorial superiority. Compared collectively, if checkers is an engagement and chess is the battle, then Go is the war. This comparison is important since all three games reflect their respective cultures’ mindsets. As such, they provide some insight into how these cultures approach different challenges, and for what purposes. If such considerations hold weight, it begs the question how can these two cultural gaming mindsets – one that favors outright victory and capitulation and one that favors positional advantage – be applied to the offensive activities in cyberspace taken by both the United States and China?
The militaristic nature of cyberspace has garnered attention ever since the Department of Defense classified it as the fifth operational warfighting domain along with the air, sea, land, and space, despite debates over its legitimacy or if it even qualifies as a “war” under current definitions. Nevertheless, the United States has arguably built one of if not the most formidable cyber force in the U.S. Cyber Command (CYBERCOM) as well as having advanced technical expertise in its advanced intelligence services, the National Security Agency, and the Central Intelligence Agency. A 2021 report on national cyber power rankings supports the United States’ preeminence in the cyber domain. There does not appear any doubt that the United States can inflict various levels of destruction or disruption on any target of its choosing.
Therefore, it is logical to presume that the United States is well-positioned to execute surgical strikes to create a purposeful effect. However, while this may meet a commander’s intent, the attacks believed to have been conducted by the U.S. cyber command in the past (as cited in the open press and not including classified or clandestine cyber operations of which there would be no public record) have been narrow in scope and have achieved questionable long-term results. For example, the heralded 2010 Stuxnet operation temporarily disrupted operations at the Iranian Natanz facility. And while that certainly impeded Iranian enrichment capability for the short term, it did not stop it and Iran quickly recovered after the attack.
The establishment of CYBERCOM gave the United States a force to (1) defend Department of Defense information systems, (2) support joint force commanders with cyberspace operations, and (3) defend the nation from significant cyberattacks. Still, in its mission to counter the online presence and propaganda of the Islamic State of Iraq and the Levant (ISIS), accomplishments against the terrorist organization were few and far between and did not yield the types of results that were initially expected. CYBERCOM took down social media accounts, and impacted certain lines of communication, only to have them replaced by ISIS, likening the effort to a game of “whack-a-mole”. Then, during the 2018 and 2020 U.S. midterm and presidential elections, under its new “defend-forward” mandate, CYBERCOM took the fight to state actors interested in influencing and/or disrupting the election process. In 2018 CYBERCOM’s activities took down a Russian troll farm, and according to some news reports, CYBERCOM executed nearly two dozen operations to thwart 2020 election meddling. However, it is difficult to measure the success of these activities as more in-depth details have not been shared with the public.
Cumulatively, these incidents show that the United States does a good job carrying out specific, short-term offensive activities, while longer non-disruptive/destructive cyber-enabled efforts remain a challenge. For example, the United States had a more difficult time countering ISIS messaging than trying to remove their sites and online accounts. This suggests that the United States is more attune to kinetic operations than ones that require a long-term strategic commitment to achieve effects several years out. Drawing on our game metaphors, the United States has aptly demonstrated skill in winning checkers-like engagements (taking out specific social media accounts), and even chess-like pre-set battles (mitigating election meddling) but seems to enjoy fewer triumphs outside targeted strikes and specific missions.
Beijing on the other hand appears less focused on using cyberspace to create kinetic effects as much as to leverage it for strategic purposes. China has been linked to several cyber operations in which the theft of data has been the primary goal. And while some of this activity appears to be in concert with more tactical intelligence concerns (e.g., political and economic issues), the operations that have garnered attention and Department of Justice (DoJ) indictments have stolen tremendous amounts of personal data. For example, in 2020, the DoJ indicted Chinese military individuals for stealing the data from 145 million Americans as a result of a breach of Equifax in 2017, a large consumer reporting agency. Then in 2019, the DoJ indicted a Chinese national with the 2014 theft of approximately 80 million records of U.S. citizens from Anthem, a large medical insurer. And finally, in 2015, 2015, the Office of Personnel Management (OPM), the agency that manages the U.S. government’s civilian workforce, announced a breach that exposed some of the most sensitive clearance information for nearly 22 million Americans.
So, how does this translate to the game metaphor? Go is about thinking beyond the board, meaning that the struggle transcends beyond the restrictions of the board, whereas checkers and chess are games that transpire within the linear confines of the games. What’s more, in both checkers and chess, the fog of conflict is as murky or clear as the mental acumen of the person playing. Otherwise, all pieces are perfectly visible, and their allowed movements are both known and understood by the players. But the encirclement strategy of Go requires anticipating movements and being able to adjust accordingly and countering with a response that turns a disadvantage into an advantage. Understanding your opponents’ moves help appreciate how he moves, and ostensibly, how he will move next.
While Go can be viewed through the prism of obtaining land (e.g., think Beijing’s territorial disputes in the South China Sea, for example), it can also be viewed from an information superiority perspective that includes data collection as a critical factor in obtaining operational advantage. In 2021, the former director of the National Counterintelligence Directive asserted that Beijing has stolen the personal and health data of approximately 80 percent of adult Americans. Looking at the three major data breaches, the types of information compromised include financial, health, and with respect to the OPM breach, political, the aggregate of which potentially positions Beijing to better encircle U.S. interests in China’s favor. Healthcare data stolen by the Chinese could be used for a variety of uses to include perpetuating U.S. reliance on China’s pharmaceutical industry production or gleaning insight into how the United States ensures its geriatric population, a crisis China is currently experiencing and will continue to wrestle with for the near future. OPM data could be used to facilitate espionage targeting persons of interest or potential interest. The data taken from Equifax could provide insight into the economic health of the United States by analyzing the “geographical and generational breakdown of average credit scores, how much credit consumers are using, and how they are paying it back.” Given the fact that Beijing has a global cyber espionage apparatus pulling in information from several countries and not just the United States, one can see the larger effort of information encirclement.
At face value, the acquisition, aggregation, and understanding of so much data appear to be a natural impediment to the data becoming actionable in a timely manner. But Beijing has always worked on its own timetables with the long view always in mind. Framed within Beijing’s goal of “national rejuvenation” by its 100-year mark in 2049, information superiority in an Internet-reliant world is essential to helping China unseat the United States as the global leader. And that takes time. Given that cyber-espionage has been transpiring since at least 2003, this would make sense. What’s more, Beijing is doing this by taking advantage of the United States’ seemingly greatest strength – its freedom to create, process, and disseminate information. So, while the United States concentrates on being proficient at the ones and zeroes, Beijing continues to rely on gaining information advantage via the information itself.
When a world becomes so reliant on technology to support all facets of life, being able to take it down is potentially less powerful than initially thought. Any government guilty of severely impacting critical networks risks becoming a pariah and ostracized by a global community that does not have that capability. And that’s where Beijing’s commitment to information collection provides a strategic advantage as it struggles for mastery of not only its region but the global order as well. As Beijing becomes more aggressive on the world stage, understanding its moves in the information space will be essential to counter the master strategists. Otherwise, we risk remaining a step or two behind, playing the wrong game at the wrong speed.
Opportunities for Advantage
All of this exponential disruption means we must make focused efforts to gain advantage. Stay informed on a variety of these critical issues at OODAloop.com and during our monthly OODA Network meetings and Salons.
OODA Loop provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Our members are global leaders, technologists, and intelligence and security professionals looking to inform their decision making process to understand and navigate global risks and opportunities.
You can chose to be an OODA Loop Subscriber or an OODA Network Member. Subscribers get access to all site content, while Members get all site content plus additional Member benefits such as participation in our Monthly meetings, exclusive OODA Unlocked Discounts, discounted training and conference attendance, job opportunities, our Weekly Research Report, and other great benefits. Join Here.
Black Swans and Gray Rhinos
Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis
Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking
The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking
Corporate Sensemaking: Establishing an Intelligent Enterprise
OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking
Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage
This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking
COVID-19 Sensemaking: What is next for business and governments
From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page.
Space Sensemaking: What does your business need to know now
A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking
Quantum Computing Sensemaking
OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking.
The OODAcast Video and Podcast Series
In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast