On Monday, the US Department of Justice (DoJ) indicted five members of the Chinese military for “cyber espionage against US corporations and a labor organization for commercial advantage,” setting off a flurry of chatter, indictments, recriminations, and polemics covering just about everything under the sun. The most interesting part about all this is that it's a phenomenal example of a MIDLIFE crisis.
MIDLIFE is an acronym used by the US military to describe the analytical framework of the instruments of national power: Military, Intelligence, Diplomatic, Law enforcement, Information, Finance, and Economic. According to this, there are seven different types of tools that nations use to influence one another or resist such influence. This indictment touches on just about all of them.
This is the kind of story so beloved by some journalists. The kind of story where the intrepid reporter goes to the far corners of the Earth and interviews a zillion people, from experts to street vendors. Months later, they produce a four-part segment for a major news show, beginning with footage of an interview with some regular Joe who is affected by this all, just to show you, the viewer, how very complex and interrelated this all is.
I don’t have that kind of time, so let’s go through and tick off each of the MIDLIFE categories as we go.
M is for Military
The DoJ named five co-conspirators in its indictment, members of a part of the Chinese military called Unit 61398. Unit 61398 is formally the 2nd Bureau of the People’s Liberation Army General Staff Department, and is sometimes known colloquially as the Comment Crew. As in most countries around the world, the Chinese military maintains its own robust cyber capability. Even if military thinkers are still enormously vexed about where cyber fits into the theories of war and conflict, it’s already here in practice, and so they want to get a jump on it, even if they don’t understand it.
I is for Intelligence
It’s a little hard to say how long folks have known about Unit 61398, but in February 2013, Mandiant Intelligence — a private computer security firm based in northern Virginia — released a report pegging Unit 61398 as the real-life, meatspace manifestation of a particularly robust Advanced Persistent Threat (APT). This particular APT had been quite active since 2006, crashing about in a whole bunch of systems. With some detective work and a lot of research, Mandiant pointed the finger at Unit 61398, including an address (208 Datong Road, Shanghai — if you’re interested in stopping by to ask for a tour) along with a couple of photos from street level, so you don’t get lost along the way. It’s unclear how much of what Mandiant figured out was already known to the US government, but by making their report public, they moved Unit 61398 into the public eye, at least a bit.
D is for Diplomacy
China’s cyber activities, particularly against companies, have been a bone of contention in the US-China relationship. The reason that Mandiant even got on the trail of Unit 61398 in the first place is that they provide computer security for two of the outfits hacked by China: the New York Times and the Washington Post. China has an interest in maintaining its public image, so they wanted advance notice of what stories were coming out, as well as getting info on the sources used by both papers, so they could plug leaks and dissident voices from their side. There is no better place than two of the biggest drivers of American consensus opinion.
When the attacks first came to the notice of the Post and Times, they asked China's military for comment. The Post quoted the military as saying “The Chinese military has never supported any hack attacks. Cyber-attacks have transnational and anonymous characteristics. It is unprofessional and groundless to accuse the Chinese military of launching cyber-attacks without any conclusive evidence.” Similarly, the Chinese military released a response to US DoJ allegations, stating “The US accusation against Chinese personnel is groundless with ulterior motives.”
L is for Law enforcement
While the fact of a DoJ indictment is a sure and easy way to tick off the law enforcement part of MIDLIFE, there’s a bit more depth here than just one indictment. Beyond just the allegations of hacking that are dominating today’s headlines, countries use international law and legal complaints as a means of testing wills and patience. Lawfare has been defined as the use of law as a weapon of war, and it shows up a lot in debates about the Law of War, war crimes, and the like.
While the majority of lawfare does involve lawyers and formal complaints, it can also involve the use of legal constructs to pursue the ends of warfare. One more recent example of this was the deployment of Russian soldiers without flags or unit insignia during the Crimean annexation. As a mode of conflict, that move served to disrupt command and communications responses (as surely as electronic jamming) of Ukrainian decision-makers because they couldn’t figure out what the hell to do.
I is for Information
Lawfare plays directly into information warfare, because of the tendency to treat International Law as an issue of morality and ethics, rather than a matter of custom that can, at times, be used to pursue moral ends. Overall, information warfare (which is what it’s called when good guys do it) or propaganda (when bad guys are doing it) is an area of conflict that grows stranger and more powerful with every passing year. The DoJ’s indictment is just a continuation of the latest string of debates about espionage which erupted with WikiLeaks and Pfc. Manning, and continued with Edward Snowden.
The regular difficulty the US has in this arena is evident when noting that more than a small amount of the US reaction is really close to a key message in a statement by China’s People’s Liberation Army, Ministry of Foreign Affairs, and State Internet Office: “Shut up, you hypocrite!”
F is for Financial
The financial element of this story is pretty self-evident. On the one hand, being a partner or party to an international trade negotiation is the next best thing to sending an email invitation to Unit 61398. According to the New York Times, the US’ largest solar panel manufacturer “lost technological secrets, production cost data, cash flow projections, and the details of its legal strategy.” Meanwhile, the United Steelworkers Union lost “records containing trade policy strategies and discussions about rare earth metals and auto parts.”
More broadly, cyber espionage could be a powerful tool when used with financial tracking data to capture information about cash flows and transfers of funds. This kind of analysis is already used to track down terrorists and organized crime, but when wedded to a broader strategy of intelligence gathering and influence, could be quite powerful.
E is for Economic
Others have noted that while the US gets irate about industrial espionage, everybody, including the US, uses intelligence information in international trade negotiations. And economic is economic, right?
Well, almost, but not quite. As cozy as big business is with the US government, in China, there’s not really a useful way to distinguish between government and business at the highest levels. While undoubtedly big US businesses benefit when the US looks out for the interests of US trade in negotiations, the US doesn’t do a great job with direct, traditional industrial espionage. In the US system, there always is (or should be) room for debate about the collusion of those in different spheres of power.
That’s not true in all countries, even in theory, let alone practice. Especially those, like China or Russia, whose system runs closer to state capitalism. So when an espionage intrusion by Unit 61398 gives a Chinese company a major advantage, it’s really one part of the Chinese government helping to ensure that another part of the Chinese government can continue to be profitable and provide revenue for the Chinese government.
Those are the seven elements of the MIDLIFE analytical framework. One thing that a broad, cross-cutting analysis of the very peculiar features of cyber warfare shows is that it is a form of conflict that connects different modalities of conflict and blurs them all together.
While it’s super tempting to look at Unit 61398 and the NSA, shrug and wish a pox on both their houses, it can be risky to resort to an equivalency because these incidents don’t occur in a perfect vacuum. If you support green energy, damaging the commercial viability of a solar energy company through cyber-attacks and theft of trade secrets isn’t helpful. If you are opposed to outsourcing and offshoring of jobs, then espionage that erodes the trade position of a union is an attack on your stated preferences.
At the end of the day, this is a form of conflict like any other — one group trying to assert its will over another. And Chinese successes here come at someone else’s expense. You don’t have to argue that one side or the other is lily white and pure of heart to have a preference in the outcome of a conflict.
It might cut a few corners ethically, but in the real world, it’s not insane to argue that: “So and so is a son of a bitch, but at least he’s our son of a bitch.” Obviously precious few in the US are enamored with everything the US government does, but US critics of the US government shouldn’t forget that their government is still their son of a bitch. And that the Chinese government is the other son of a bitch.
Follow Ryan Faith on Twitter: @Operation_Ryan