China and Russia have made cyberspace a national security priority. With the growth of access to the Internet globally, cyberspace is increasingly becoming more and more part of people’s everyday lives, it has become a new domain for human interaction (Ebert and Maurer 2013, 1054). Many Nation states have defined cyberspace as the fifth domain of power, the other domains of power being land, sea, air, and space (Broeders and Berg 2020, 1). Nation states and users of the Internet and cyberspace have different perspectives of the challenges and opportunities within this domain (1). China and Russia have had similar challenges in protecting this domain, in terms of protecting against outside adversaries, inside antagonists, and building coalitions around Internet governance. Both countries have offensive capabilities and a history of intelligence as well as pseudo-military operations in this domain. Even-though the terms Internet and Cyberspace are used inter-changeably, there are important distinctions. Defining the difference between the Internet and cyberspace is complex, the Internet is a network of networks and is at the global scale, essentially the infrastructure that cyberspace uses. Cyberspace is what happens on that infrastructure and is the informational world in which important aspects of individuals, businesses, governments, and militaries reside. The International Telecommunication Union (ITU), in their 2020 report have estimated the size of cyberspace, globally, in terms of the number of users and bytes, “3.5 billion people are online, and the digital world is estimated to be 44 zettabytes” (ITU 2020, 1).
There are ongoing debates of sovereignty, rights, freedoms, security, and control within this domain. For China and Russia securing this domain of power is critical. The Chinese and Russian approach to combating outside adversaries is multipronged and is centered around information control and disruption. The goal is to control, influence, and weaponize information wherever it is (Akimenko and Giles 2020, 67). For the Chinese and Russians there is not a hard distinction between information operations (info ops) and information warfare (68). Stealing information, psychologically influencing foreign Nationals, disabling, or destroying adversaries’ information systems and networks are not seen as separate disciplines within the Chinese and Russian info ops doctrine. Simply put information superiority is key not where it comes from or how it is obtained (68). Many aspects of their definition of info ops are considered, by western countries, information warfare (68). Their doctrine includes operations in the disciplines of computer networks, social media, communications, electronic, navigation, and computer systems. The overarching objective of this doctrine is to influence adversary’s perceptions and behaviors (68). As well China and Russia are focusing on economic and regulatory enforcement to control technology (Newman 2017). An example of this is how China is leveraging their economic power to require businesses to change their strategies and align themselves with the Chinese culture and government (Taneja and Wu 2014, 299). Whether it is a cyber or economic weapon the desired effect is the rebalance of power within cyberspace, it is true that offense is the best defense in this doctrine (Broeders and Berg 2020, 157).
Both China and Russia want to limit western countries influence on cyberspace, in particular the United States. These countries are working to build legal, political, and technical constraints within cyberspace to ensure their sovereignty. The prevailing opinion is the United States uses the Internet and cyberspace as a force multiplier, a mechanism to extend its ideology and influence globally and unrestricted. Limiting this influence and the free flow of information globally is a top priority for China and Russia. The tactics used to obstruct outside adversaries are both technical and political. Technically via firewalls and government-controlled gateways. This allows both China and Russia to limit access to, and the performance of, cyberspace information, resources, and assets outside of their domain. Politically via policies that require outside companies to physically relocate information and communications technology (ICT) systems within the country’s borders, this is known as localization. Controlling insider antagonists is accomplished by via information control. This is done by several means, first of which is limit the ability to communicate and spread their ideology, second is to limit their ability to access information. Both China and Russia have passed legislation that defines proper social norms. These social norms outline what type of information is acceptable for those under the sovereign control of these Nation states. China and Russia have appealed to the United Nations to enact change to Internet governance, arguing that this is a national security issue for every country. From their point of view these are reasonable requests that are needed to ensure law and order as well as re-enforce their Nations sovereign control over cyberspace respectively, these measures are needed to rebalance power. China and Russia are not waiting for the international community to act.
China | Russia | |
Outside Adversaries | Great Firewall, Control of .cn domains, Limit Performance outside the Firewall, System Localization | Internet Kill Switch, Control of .ru domains, ICT Monitoring Equipment, Limit Performance outside the Firewall |
Inside Antagonists | VPN Restrictions, Web Filtering, Policies on Social Norms (censorship) | VPN Restrictions, Policies on Social Norms (censorship) |
Cyber Diplomacy | Business Localization, Expanded DNS Localization, Push for Multilateralism via ICCIS | Expanded DNS Localization, Push for Multilateralism via ICCIS |
Offensive Actions | Stealing Information, Infiltrating and Disabling ICT Systems | Psychological Operations, Influence Campaigns, Infiltrating and Disabling ICT Systems |
Figure 3: Cyber Countermeasures by Country.
Both countries have info ops and are performing cyber countermeasures (fig. 3) against what they perceive as cyber aggression. This tactic appears to be two-fold, first as a punitive measure to western countries that oppose their proposed constraints to cyberspace (Libicki2011, 134), and second as justification, for why there needs to be international multilateral Internet governance. In principle the Chinese and Russian quest to protect sovereignty, social norms, and national security in cyberspace is noble. In reality this is an ideological battle, fought on a cyber battleground (Lancelot 2018, 26). An ideological battle around information and who controls it. The United States, and western countries arguing for freedom of information and access to it with very limited constraints versus the Chinese and Russian argument that the State should control information and whom has access to it.