OODA Loop

Understand tomorrow, today.

Updated China Threat Brief for Executive Decision Makers

Archive, OODA Original, Security and Resiliency / by

China is large, complex, ambiguous, dangerous and of critical importance to business decision-making.

This OODA special report investigates the capabilities and intent of the People’s Republic of China, with a special focus on factors relevant to business decision-makers. Our objective: To provide insights that are actionable for business leaders seeking to mitigate risks through informed decisions. This report is based on highly regarded primary sources including the US Intelligence Community’s Annual Threat Assessment, reporting from the National Counterintelligence and Security Center, our own research and reporting and input from executives and business leaders with direct first-hand experience doing business with China.

Background:

Several countries have the capability to inflict harm on U.S. interests. However, The People’s Republic of China (PRC) is the only one who has declared an intent to challenge the U.S. for global supremacy. The US Intelligence Community has long regarded China as the most active strategic competitor across multiple domains including espionage and cyber espionage. Business leaders have long seen China as a place where partnering for business, especially manufacturing, is of critical importance.  But over the last decade businesses have seen reason to relocate many operations from China due to increased risk. This has accelerated over the last few years due to supply chain issues with Covid shutdowns.


OODA Loop Sponsor

From a political perspective, China remains a closed society where challenges to party rule are met with harsh, crushing responses. The daily life of its citizens is set under an environment of continually-expanding surveillance. Economically, China’s decades of tremendous growth have made it a powerhouse, but one with weaknesses and uncertain foundations. Similar weaknesses and uncertainties characterize the country’s military and intelligence domains.

Each of these sectors poses unique risks to U.S. business and government interest across domains; China has developed centralized mechanisms to coordinate cross-sectoral activity, including the military, economic, cultural, academic, scientific, intelligence and cyber domains.

Overall, we assess that China poses the greatest threat to the privacy of citizens of open societies.

The Population Bomb:

The term Population Bomb refers to the rapidly aging population of China. No other nation has every gone through a shift this dramatic, where fewer and fewer young will need to support more and more old. This will be a huge impact on the economy. China’s population growth rate has fallen to its lowest level in six decades, with births barely outnumbering deaths in 2021. Over the past year, there have been major government efforts to increase population growth and mitigate a demographic crisis, however, they have been largely unsuccessful. In China, 10.62 million babies were born in 2021, a rate of 7.52 per thousand people. In the same period, China recorded 10.14 million deaths, producing a population growth rate of just .34 per thousand head of the population. In terms of geopolitical risks, this one is one of the greatest Gray Rhinos out there. It has been reported on and analyzed for years, but does not seem to be part of the main stream consciousness or understood by policy makers.  Do not let its significance pass you buy.

Signs of Economic Weakness in China Indicates Coming Crisis

The increasingly bleak economic prospects in China are not a surprise to China watchers. And shifting demographics will make things even worse with fewer workers and consumers to support an aging populace. On 16 August 2022, Premier Li Keqiang chaired a State Council executive meeting where the bleak economy is top of the agenda. Li considers new risks the catastrophic flooding in Henan, resurgent Covid-19, inflation of raw material prices and new geopolitical risks. In 2023 these worries continue and indications are that the economy is once again the number one threat to the CCP.

The Yuan is a continually manipulated currency, but even with that it has been weakening against the dollar (by March 2023 it was trading at 6.8 per dollar). There is little transparency into the true financial numbers on the economy in China, but official forecasts are that the GDP growth will slow from 5.2 percent to 4.3 percent. Actual numbers must be much worse. In March 2023 estimates are that China’s industrial firms shrank 22.9% in the first two months this year from a year ago, as the factory sector struggles to claw its way out of the slump caused by COVID-related disruptions. That followed a 4% drop in industrial profits for 2022 and suggests an uneven path to recovery for the economy. Retail sales for January-February showed stronger growth momentum.

By June 2022 the World Bank, JP Morgan, UBS and more began issuing more dire forecasts for GDP in China. Estimates vary, as mentioned above it is hard to get actual numbers to build assessments on , but growth is probably around 3%, much lower than the 5.5% the PRC is claiming.

Many self imposed economic problems are being caused by China taking trade action against companies and countries that criticize the persecution of Uighurs. One salient example is China’s punitive measures against Australian coal imports which is contributing to rolling power outages.  Solutions directed to be put in place seem like band-aids. For example, guidance has been given for increasing domestic production and supervising commodities to curb inflation. If only it was that easy! Employment assistance is being ramped up as well, with calls for promotion of labor-intensive industries.

Other issues are being caused by China’s strategy of locking down entire cities and regions to try to fight covid. This lockdown strategy is also fueling internal unrest which is being captured on social media and shared internally even in a nation where surveillance and social scores are in place to mitigate criticism. We are tracking this closely and will continue reporting on this via our daily pulse and research reports.

China’s economic weakness may in part explain their distancing from support to Russia’s invasion of Ukraine. China is still parroting some Russian propaganda on the war, but has been backing away from that a bit and has also been publicly stating they will not supply Russia with weapons or other material for the conflict. This is definitely one to watch.

The reporting in OODA’s News Briefs frequently captures indications of economic weakness. Some factors of note:

  • China’s population bomb is coming sooner vice later. China has the fastest aging population in the world and is clearly not ready for the impact this will have
  • China remains terribly polluted, which contributes to significant health and quality of life impacts
  • China remains heavily dependent on imports of oil, gas, most raw materials and food
  • In many areas of the country the nation has been overbuilt, which huge debt being taken on to maintain the pace of this overbuilding for no purpose.
  • More foreign investors are deciding not to invest in China because of their true nature being revealed plus impact to supply chains of lockdowns

The extensive dependencies of the entire world on China means economic weakness could pose significant concern. Some of the worse case scenarios could involve an almost total shutdown of industrial production, which would force a devastating restructuring of the global economy and lead to unpredictable outcomes. Since worst case scenarios can certainly come true, we recommend business and government leaders begin asking focused questions on what a PRC economic crisis might mean for supply chains. Some questions to consider:

  • What dependencies to pharmaceutical companies have on China? How might drug supplies be interrupted? What plans can be put in place to mitigate those risks?
  • What supply chain dependencies relying on the PRC can be shifted to other more open nations?
  • How will US goods and services (approx $150B per year) exported to China be impacted by PRC economic slowdown? Can any new markets can be found for US goods and services?
  • What would the impact of a PRC economic slowdown be on US GDP? US unemployment?
  • What would impact of PRC slowdown be on the US high tech industry? Other industries? Stock markets overall?
  • What long term effects might PRC economic slowdown have on US manufacturing and re-shoring?
  • What would further economic crisis in PRC mean for the cyber threat environment in the free world? (Consider the scenario where millions of desperate computer savvy individuals will do anything online to survive).

There are obvious questions we are watching regarding how the war in Ukraine will impact China and their potential operations against Taiwan. We are watching this closely.

China’s military:

The Chinese People’s Liberation Army (PLA) is the armed forces of the People’s Republic of China (PRC) and Communist Party of China (CPC). It maintains peacetime troop levels around 2,285,000 personnel, a figure which, in a time of crisis will surge dramatically.

The technologies employed by the PLA have been on a continuous path of modernization, driven both by industrial espionage and theft from others plus massive investment in internal R&D and military science. The results are an array of technologies which could challenge the U.S. for regional dominance in the air, seas and space. With an active WMD program, China is “deploying sea-based weapons, improving its road-mobile and silo-based weapons, and testing hypersonic glide vehicles. These new capabilities are intended to ensure the viability of China’s strategic deterrent by providing a second-strike capability and a way to overcome missile defenses. The Chinese have also publicized their intent to form a nuclear triad by developing a nuclear-capable, next-generation bomber” (US IC, 2019). China has also developed anti-ship missiles which may be capable of overcoming current U.S. Navy defensive capabilities, reducing U.S. response options in time of crisis.

The US intelligence community summarized Chinese military capabilities and intent this way:

“China will continue pursuing its goal of building a world-class military that will enable it to secure what it views as its sovereign territory, establish its preeminence in regional affairs, and project power globally while offsetting perceived U.S. military superiority. Beijing is accelerating the development of key capabilities it believes the People’s Liberation Army’s (PLA) needs to confront the United States in a large-scale, sustained conflict. The PLA Navy and Air Force are the largest in the region and continue to field advanced platforms that improve China’s ability to establish air superiority and project power. The PLA Rocket Force’s (PLARF) short-, medium-, and intermediate-range conventional systems can hold U.S. forces and bases in the region at risk. In 2020, the PLARF fielded its first operational hypersonic weapons system, the DF-17 hypersonic glide vehicle-capable medium-range ballistic missile (MRBM), which could challenge U.S. missile defense systems. We expect the PLA to continue to pursue the establishment of overseas military installations and access agreements to enhance its ability to project power and protect China’s interests abroad.”

Exemplifying their increased risk acceptance as an outgrowth of military strength, China has built man-made islands in international waters and claimed the South China Sea as their territory, in violation of international law and over the objection of most countries. These man-made islands now had runways installed and batteries of advanced surface to air missiles.

Chinese Geopolitical Objectives and Actions:

The Defense Intelligence Agency (DIA) has warned that China is approaching a critical military milestone. The milestone is not some new “doomsday device,” however, but a mindset. According to the DIA, this mindset is the self-conception that they are able to match their competitors, including the U.S., in regional conflicts. “The biggest concern is that they are getting to a point where the PLA leadership may actually tell [President Xi Jinping] they are confident in their capabilities. We know in the past they have considered themselves a developing, weaker power…we don’t have a real strong grasp on when they will think that they are confident in that capability.”

Taiwan and the South China Sea remain the highest threat centers of future conflict with China. North Korea also plays an important regional role in Chinese-U.S. relations, where development in North Korean-U.S. relations will have an important impact, for better or for worse, on U.S.-China relations. Beyond these conflict centers, however, the U.S. also faces a more globally proactive China with a military that in the words of DIA is: “active everywhere”. U.S. military interaction with China will, therefore, increasingly extend beyond the waters near the Chinese mainland, expanding the possibility of escalation, but also of cooperation.

Economically, China is pursuing geopolitical goals through its ambitious Belt and Road Initiative (BRI), working to expand its economic and political influence across Asia and beyond into Eurasia, Africa, and the Pacific. The initiative includes massive infrastructure work and projects linking China with the world, including via land to Europe and Africa. These projects have the stated intentions of shifting the global order to center around China. Several investments and projects have recently collapsed, however, calling into question the level of risk involved with the initiative (including complete economic collapse, similar to the USSR). Short term dynamics, however, will almost certainly pull many countries into China’s economic orbit. While the longer-term impacts of the project remain unknown, China has taken concrete steps to learn from the failures of the USSR and avoid the economic pitfalls that led to their collapse.

Nearly three decades after this collapse of the Soviet empire, the U.S. Intelligence Community has underscored that China is more frequently collaborating with Russia. “China and Russia are more aligned than at any point since the mid-1950s, and the relationship is likely to strengthen in the coming year as some of their interests and threat perceptions converge, particularly regarding perceived US unilateralism and interventionism and Western promotion of democratic values and human rights” (US IC, 2019). For more on Russia see our special research report: The Russian Threat.

The dynamic between China and Russia before Russia’s invasion Ukraine led many watches to conclude that Putin asked Xi for his approval prior to the war. Actions after show China helping blame NATO for Russia’s actions, but it seems they are not pleased to have had to suffer consequences of the major awakening to national security issues in the EU and US due to Russia’s invasion.

The Chinese Cyber Threat:

China has decades of experience in using cyber espionage to accomplish objectives, including the use of advanced tools and tactics to gain unauthorized access to systems that were thought to be secure. They remain the most active strategic competitor responsible for cyber espionage and are known for combining their cyber capabilities with traditional intelligence collection.

The U.S. Intelligence Community has long assessed that China will continue to use cyber espionage and bolster cyber attack capabilities to support national security priorities. In 2022 the IC wrote that:

“We assess that China presents the broadest, most active, and persistent cyber espionage threat to U.S. Government and private sector networks. China’s cyber pursuits and export of related technologies increase the threats of attacks against the U.S. homeland, suppression of U.S. web content that Beijing views as threatening to its control, and the expansion of technology-driven authoritarianism globally.”

The IC and private security experts agree that will China continue cyber attacks. Some were quick to point out a minor shift in detected volume after a 2015 bilateral US-China cyber commitment, but since then most attacks against U.S. commercial interests have focused on traditional espionage targets, working to gain military technology or insights. Attacks against intellectual property also continue, but they have become far more sophisticated and harder to detect. The U.S. IC is also “concerned about the potential for Chinese intelligence and security services to use Chinese information technology firms as routine and systematic espionage platforms against the United States and its allies”.

China has been advancing its cyberattack capabilities by integrating its military cyber attack and espionage resources in the Strategic Support Force, which it established in 2015.

China figured prominently in the report of the revised Cyberspace Solarium Commission. They described the cyber threat from China in this way: China uses cyberspace to accelerate its economic rise, undermine U.S. comparative strength, and suppress political opponents at home and abroad. Chinese advanced persistent threat (APT) groups steal intellectual property and sensitive national security information. Beijing wages cyber-enabled economic warfare to fuel its rise while simultaneously undercutting U.S. economic and military superiority. Chinese cyber campaigns have enabled the theft of trillions of dollars in intellectual property. At the same time, Chinese APTs’ aggressive cyber-enabled intelligence collection operations provide Chinese officials with improved intelligence information to use against the United States and its allies. Chinese operators constantly scan U.S. government and private-sector networks to identify vulnerabilities they can later exploit in a crisis. Targeting America’s weapons and Defense Industrial Base enables Beijing to undermine opponents from within: for example, by threatening the U.S. Defense Industrial Base or driving a wedge between America and its allies.15 Taken to the extreme, China has the ability to launch cyberattacks in the United States that could cause localized, temporary disruptive effects on critical infrastructure—such as disruption of a natural gas pipeline—for days to weeks.

Moreover, the Chinese Communist Party routinely harasses foreign and domestic dissidents in cyberspace while state-linked firms build a global mass-surveillance capability connecting information and communications equipment, surveillance cameras, facial recognition software, and massive data sets of private citizens. China is exporting these intrusive practices and technologies abroad, fueling a trend toward digital authoritarianism that threatens democracy at a global scale. Chinese national companies like Huawei are part of an integrated strategy to use predatory pricing to dominate and eventually monopolize key information and communications technology supply chains. The goal is to drive non-Chinese alternatives out of business, leaving the Chinese Communist Party and its business allies with a stranglehold on the global supply chain. As China exports this equipment, it becomes the central hub of a new network of authoritarian states that use mass surveillance and technologies of control, such as social credit, to suppress fundamental human rights. Unchecked, Chinese economic warfare, espionage, and repression of civil liberties are likely to continue.

Without a new whole-of-nation strategy and significant changes to how the United States defends its networks in cyberspace, Chinese operations will continue to threaten long-term American economic prosperity and national security. Revelations of high-profile security failures of information will undermine confidence in the U.S. government’s ability to protect its citizens and businesses. Along with the loss in national power, trust in American institutions will wither. In the minds of regional allies, perceptions of unchallenged Chinese operations will reduce the credibility of American security guarantees. Exfiltration of private-sector intellectual property could compel investors to question the viability of the U.S. economy as a hub of technological innovation. Breaches could also yield intelligence coups that threaten the United States’ clandestine personnel and advance Beijing’s diplomatic and economic goals. Stolen U.S. military technology will enable the production of capable facsimiles and support the design of People’s Liberation Army weapon systems that exploit newly identified vulnerabilities in U.S. counterparts. Compromised supply chains could undermine American military operations in future wars. China is seeking to monopolize how people around the world interact, pay for goods, and relate to their governments. As Chinese- built networks and applications mediate interactions, Beijing gains unprecedented power to surveil and control the lives of individuals worldwide. Civil liberties and open markets will struggle to survive in this new era of cyber repression. China presents a persistent cyber espionage threat and a growing attack threat to our core military and critical infrastructure systems. China remains the most active strategic competitor responsible for cyber espionage against the U.S. government, corporations, and allies. It is improving its cyberattack capabilities and altering information online, shaping Chinese views and potentially the views of U.S. citizens.

We assess that as China’s economy weakens further the risk of cyber crime from desperate actors in China increases dramatically.

The Threat of Malign Influence Operations from China

China will continue expanding its global intelligence and covert influence posture to better support the CCP’s political, economic, and security goals, increasingly challenging U.S. influence. China is attempting to exploit doubts about U.S. leadership, undermine democracy, and extend Beijing’s influence, especially in East Asia and the western Pacific, which Beijing views as its traditional sphere of influence. China will continue spreading COVID-19 misinformation and downplaying its early failures while casting blame on the West. Its misinformation includes claims that the United States created COVID- 19. Beijing probably is reviewing publicly disclosed Russian influence operations and gaining experience from operations that use social media and other technologies against societies in Asia and elsewhere. Beijing is intensifying efforts to mold U.S. public discourse, pressure perceived political opponents, and muffle criticism on such issues as religious freedom, suppression of democracy in Hong Kong, and oppression of the Uyghurs as well as other minorities.

Economic and Industrial Espionage Threat against the US and US Companies:

The National Counterintelligence and Security Center has named China one of the three most capable nations at conducting cyber espionage (the other two being Russia and Iran (DPRK threatens via hacking/malware). It maintains well-resourced capabilities and will continue to target sensitive U.S. economic information and technologies through cyberspace.

China has expansive efforts in place to acquire U.S. technology to include sensitive trade secrets and proprietary information. It continues to use cyber espionage to support its strategic development goals—science and technology advancement, military modernization, and economic policy objectives. China’s cyberspace operations are part of a complex, multipronged technology development strategy that uses licit and illicit methods to achieve its goals. Chinese companies and individuals often acquire U.S. technology for commercial and scientific purposes. At the same time, the Chinese government seeks to enhance its collection of U.S. technology by enlisting the support of a broad range of actors spread throughout its government and industrial base. The U.S. IC assesses that “China’s intelligence services will exploit the openness of American society, especially academia and the scientific community, using a variety of means.”

The Intelligence Community and private sector security experts continue to identify ongoing Chinese cyber activity, although at lower volumes than existed before the bilateral September 2015 U.S.-China cyber commitments. Most Chinese cyber operations against U.S. private industry that have been detected are focused on cleared defense contractors or IT and communications firms whose products and services support government and private sector networks worldwide. Examples of ongoing Chinese cyber activity include:

  • 2014–15: The Office of Personnel Management is breached, exposing sensitive information used for security background checks on 21 million federal employees.
  • In 2017, the China-associated cyber espionage group APT10 continued widespread operations to target engineering, telecommunications, and aerospace industries. APT10 targeted companies across the globe, including the United States, using its exploitation of managed IT service providers as a means to conduct such operations
  • Cybersecurity researchers have found links between Chinese cyber actors and a back door in the popular CCleaner application that allowed the actors to target U.S. companies, including Google, Microsoft, Intel, and VMware
  • In November 2017, PricewaterhouseCoopers (PWC) reported that the China-based APT known as KeyBoy was shifting its focus to target Western organizations. According to PWC, the targeting was likely for corporate espionage. KeyBoy previously focused on Asian targets, according to commercial cybersecurity reporting
  • According to cybersecurity firm FireEye, TEMP.Periscope continued targeting the maritime industry as well as engineering-focused entities including research institutes, academic organizations, and private firms in the United States. FireEye has detected activity in 2017 and then sharp increases in targeting in early 2018
  • 2017: Chinese military hackers breach the net- works of Equifax, an American credit reporting agency, stealing the personal information of over 145 million Americans.
  • 2018: Hackers breach servers of Marriott International, extracting information on 500 million guests.
  • 2019: Operators compromise iPhones in a domestic spying campaign targeting Uighurs, a Muslim minority in China.
  • 2020: Chinese espionage ramped up against all major vaccine makers.
  • 2021 and 2022: Rapid exploitation of IT flaws for both espionage and cyber crime emanating from China.

We believe that China will continue to be a threat to U.S. proprietary technology and intellectual property through cyber-enabled means or other methods. If this threat is not addressed, it could erode America’s long-term competitive economic advantage.

Chinese Laws Enable Intellectual Property Theft

In 2017, China put into effect a new cybersecurity law that restricts sales of foreign information and communication technology (ICT), and mandates that foreign companies submit ICT for government-administered national security reviews. The law also requires that firms operating in China store their data in China, and that the government approve data transfers outside China. The U.S. Chamber of Commerce has gone on record to explain that if a foreign company is forced to localize a valuable set of data or information in China, whether for research and development purposes or simply to conduct its business, it will have to assume a significant amount of risk. The data or information may be misappropriated or misused, especially given the environment in China, where companies face significant legal and other uncertainties when they try to protect their data and information.

Required Steps for U.S. Companies Doing Business in China:

  1. Pass National Security Reviews for Technology and Services
  2. Store All Data in China
  3. Form Joint Venture to Open Data Center
  4. Obtain Government Approval for Data Transfers
  5. Buy Government-Approved Encryption and Virtual Private Networks (VPNs)
  6. China has Access to U.S. Intellectual Property and Proprietary Information

Overall Assessment:

China is growing into one of the most formidable competitors the U.S. has ever faced. And there are no indications that the U.S. is developing a comprehensive strategy to deal with this rising threat. There are indications that the PRC’s weakening economy will put the CCP leadership under more pressure than they have been in decades and this is cause for concern.

Our Recommendations:

There are few topics as strategic for international business as China. One more obvious recommendation is, therefore, that all businesses should think strategically about China and think of it both an adversary and a competitor. Leadership teams should expand the attention paid to the country in planning processes and conduct business in China with careful consideration of the potential risks. Executives are advised to expand their reading of thought leaders who explore the possible scenarios in the future.

Raise your defenses against cybercrime. Businesses can implement many best practices to protect against cyber attacks and information theft. Most of these best practices are low cost. Kick-start your actions with our list of best practices, available at Best Practices and Lessons Learned From Years In The Cyber Fight.

Given China’s interest in a contested space environment, we also recommend considering your organizational dependence on space-based systems for your communications and other services. Learn more about the needs for this and recommendations for how to evaluate your risk at What Business Needs To Know About Security In Space

As with most threats, the environment is dynamic and complex. Any OODA Network Members with specific questions or concerns are welcome to reach out to our team for a more focused dialogue.

For other special reports and country studies see the OODA Network Resources page. We also dive deep into other aspects of the Chinese threat and opportunities on our Global Risk and Geopolitical Sensemaking page.

Stay Informed

It should go without saying that tracking threats are critical to inform your actions. This includes reading our OODA Daily Pulse, which will give you insights into the nature of the threat and risks to business operations.

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision-making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Strategies, Business Intelligence, and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, and Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation-state conflict, non-nation state conflict, global health, international crime, supply chain, and terrorism. Explore Security and Resiliency

Community

The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders, and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences, and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member-only video library. Explore The OODA Community.

About Bob Gourley

Bob Gourley is an experienced Chief Technology Officer (CTO), Board Qualified Technical Executive (QTE), author and entrepreneur with extensive past performance in enterprise IT, corporate cybersecurity and data analytics. CTO of OODA LLC, a unique team of international experts which provide board advisory and cybersecurity consulting services. OODA publishes OODALoop.com. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.