April 14, 2023

LeadershipPolicy

Pushing Russia and China Together Will Imperil America’s Cybersecurity

By: Caleb Larson

Whatever your opinion is on the United States’ involvement in the war in Ukraine, it is undeniable that China and Russia are growing closer as a result. This development has stark implications for the U.S. as both countries pose the greatest threats to our national security. Perhaps the most concerning aspect of this budding alliance is the potential consequences for the cybersecurity of America, NATO, and the West generally. By driving the two most capable nation state cyber threat actors together, the United States may soon face an unprecedented reckoning in cyberspace.

On March 20th, Chinese President Xi Jinping visited Russia to kick off a three day long visit with Russian President Vladimar Putin. Hoping to “[build] bridges” between the two nations, Russia and China set out to work together to counter what they see as an alliance of Western countries “bringing discord to the global harmony.” Both countries are obviously opposed to the United States, but they have not always been staunch allies. The war in Ukraine, the response by the U.S., and a host of previous events has caused these two adversaries to reassess their aims.

Militarily, both nations pose significant threats. Russia commands an unrivaled arsenal of nuclear weapons while China possesses the world’s largest population and second largest economy. Both nations also pose grave threats in cyberspace. If combined, through intelligence and capability sharing, this new axis could multiply the effects of an already formidable cyber challenge.

Russia has historically been the most dangerous of the nation state threats. Its government uses cyber attacks to conduct espionage, influence political outcomes, and disable infrastructure. Russian threat actors have been behind some of the most high-profile cyber-attacks against the U.S. including the massively impactful compromise of SolarWinds, a network monitoring tool used by countless American organizations and government agencies. Some of the most dangerous and sophisticated threat actor groups come from Russia, such as Fancy Bear and Sandworm.

China is emerging as the premier global cyber threat, so much so that FBI director Christopher Wray claims that China is the “biggest long-term threat” to the United States. This is mainly due to their ability to target a wide array of industries in efforts to steal intellectual property and sensitive data. Much like Russia, China poses a threat to critical infrastructure. In the U.S. Office of the Director of National Intelligence 2021 Annual Threat Assessment, China is assessed to have the ability to “cause localized, temporary disruptions to critical infrastructure within the United States.”

China and Russia are daunting challenges in cyberspace on their own. Together, they could elevate their abilities to new levels. Information sharing agreements could allow zero-day vulnerabilities and advanced custom tools to pass between threat groups and increase their potential lethality. China has troves of data from American companies and citizens which would allow for more targeted attacks by Russia’s capable threat groups. With both countries aligned on a mission to target American infrastructure, there could be an increase in cyber attacks that threaten vulnerable systems that run our energy grids and water supply systems.

Whatever the benefits each country will reap, Russia and China working together will certainly make the United States more vulnerable to cyber-attacks. The strategy currently being pursued in Ukraine seems to be making this alliance more plausible by the day. The cybersecurity implications of this current path must be properly evaluated and should play a pivotal part in deciding whether to continue down it or adjust course. A cyber alliance between America’s greatest foes, ushered in by America herself, would be utterly disastrous for the West and should be avoided at all costs.