Countering the People's Republic of China (C-PRC)'s Information Warfare Efforts Through an Emulated Training Environment
By Amanda Lockwood, Melissa Sowerwine, and Doowan Lee
May 4, 2022
1.0 Introduction
In today’s world, the internet is inescapable. It touches almost every part of modern life and has brought with it unimaginable improvements, alongside commensurate threats. Dramatic increases in the scale and diversity of information flows, combined with the difficulty of ensuring the veracity of information and an informed public, has led to mass propagation of narratives—often reliant on disinformation—as a means of influence. This influence has become a critical threat to US national security, public policy, and the US’s standing in the world.
"If Russia's influence operations are like bad weather, China's growing operations are like climate change — far more destructive.” - Ken McCallum, who became Intelligence Chief of MI5 in 2020
Over the past four years, the Chinese Communist Party (CCP) has, as a means of great power competition, dramatically escalated its Information Warfare [1] to shape narratives and influence populations internationally. With CCP Information Warfare goals in direct opposition to US interests, the US must intensively develop and refine its Information Warfare capabilities in the US Indo-Pacific Command (USINDOPACOM)’s Area of Responsibility (AOR), as well as in all other areas where the CCP is actively conducting adversarial Electronic Warfare (EW), cyberspace, and influence operations. Such actions are critical to implementing the US’s National Security Strategy and the current administration’s priorities [i]. Achieving such capabilities is reliant on planners and practitioners receiving comprehensive training that is driven by a “train as you fight” mentality.
This article highlights recent CCP Information Warfare efforts, explores the unique aspects of INDOPACOM’s Competition Space (CS), and explains why a high-fidelity training platform that can emulate the Information Environment (IE) is crucial for conducting mission rehearsals to effectively execute Information Warfare in the real-world CS. Using such a platform for Mission Rehearsal Exercises (MREs) would allow multi-echelon brigade to high tactical division level units to train as they fight on specific Information Warfare mission requirements.
2.0 THE RECENT INFLUX OF CCP INFLUENCE OPERATIONS AGAINST US STRATEGIC INTERESTS
Over the past four years, the CCP has expanded its influence operations to increase its power to shape and control narratives internationally [ii]. These operations suppress and censor information as well as convince foreign audiences that the CCP is an inevitable and responsible world leader that presents a credible alternative to the US on the global stage [iii], thus subverting the US’s interests and global standing.
The CCP has invested extensively in its IO efforts to date, to varying levels of success. However, as CCP IO efforts ramp up, the scale and effectiveness of their challenges to US national security interests and its standing in the world are becoming increasingly dire, and fast [iv]. As such, it is critical that the US comprehensively invest in further developing the many aspects that feed into Information Dominance.
The CCP’s efforts to spread disinformation regarding the origin of the COVID-19 virus have been its most successful to date in terms of reach. This campaign worked to convince domestic and global audiences that the virus was intentionally released in Wuhan by the US as a bioweapon [v]. Propagation was widespread, with tens of millions of engagements in at least 54 languages [vi]. Disinformation was disseminated by the Chinese Foreign Ministry and its diplomats, government leadership and foreign policy figureheads in Russia, Iran, Venezuela, and the Kingdom of Saudi Arabia (among others), and an array of online media sources [vii]. Western media platforms often failed to attribute propagation as state-sponsored and/or as potential disinformation [viii].
The CCP has also concentrated its IO efforts on Taiwan and Hong Kong. In Taiwan, after the CCP succeeded in influencing the outcome of a mayoral election and in spreading other disinformation [ix], it then attempted to manufacture a favorable outcome in the Taiwanese presidential election in 2020, albeit to lesser effect [x]. In Hong Kong, CCP efforts to denigrate and isolate the pro-democracy movement by condemning and decontextualizing protestors; legitimizing the CCP, Hong Kong’s police, and Government decisions; and emphasizing claims of collusion with US actors, were relatively successful in hindering the movement [xi]. This aided the CCP in moving closer to its ultimate goal of subordinating Hong Kong to the mainland [xii].
In the Philippines, a Facebook disinformation campaign that trumpeted Chinese naval accomplishments, disparaged US activities around the South China Sea, and promoted activities of politicians sympathetic to China, was uncovered in 2020 [xiii]. Seeking to influence the Philippines’ population to align more closely with the CCP, the campaign accrued 130,000+ followers [xiv]. The CCP successfully took advantage of the reach of Facebook in the Philippines, as indicated by the millions of engagements made [xv]. Similarly, a fake video campaign in Thailand succeeded in spurring anti-US sentiment. A viral video of a prison riot in Ecuador was falsely attributed to being a video of a brutal attack on an Asian man in the US [xvi].
China has been investing significantly in developing its Multi Domain Operations (MDO) capability, in which cyberspace operations plays a dominant role [xvii], as detailed further in Section 4.0. China’s offensive cyber capabilities have both directly compromised military and government networks and targeted supply chains and critical infrastructure [xviii]. For example, the 2015 US Office of Personnel Management and the 2017 Equifax breaches were considered to have most likely been orchestrated by the CCP [xix, xx]. In April 2021, it was discovered that hackers linked to the Chinese military had been conducting an espionage campaign targeting military and government organizations in Southeast Asia since 2019 [xxi]. Efforts have also been made by the CCP since the early 2000s to pursue Integrated Network Electronic Warfare that involves combining EW and cyberspace capabilities. These capabilities are organized under Technical Reconnaissance Bureaus, which are responsible for Signals Intelligence collection and computer network operations [xxii].
In sum, CCP technology advancements, disinformation, and cyberspace efforts in the past couple of years have dramatically grown in scope and intensity. Given the CCP’s clear intent to invest significantly in the projection of Chinese “sharp” power in the CS [xxiii, xxiv], levels of sophistication will only increase with time. As such, US efforts to combat these efforts must be proactive, persistent, partnered, and agile.
3.0 UNIQUE CHALLENGES PRESENTED BY CCP INFLUENCE OPERATIONS IN THE COMPETITION SPACE (CS)
Three interrelated developments characterize IO in the CS: asymmetrical access to SM platforms, diversity of languages, and CCP industry ties.
First, a key characteristic is asymmetrical access to media platforms. While major Western SM outlets such as Facebook and Twitter impose no restrictions to access globally, Chinese SM counterparts such as WeChat, Sina Weibo, Tencent Weibo, and Tencent QQ have varying levels of access restrictions. Where non-domestic access is allowed, these platforms still engage in censorship, and support CCP-driven narrative control [xxv]. The CCP aggregates data from multiple information sharing platforms and sensors for collection and intelligence purposes [xxvi, xxvii]. Domestic Chinese populations are restricted from accessing most Western traditional media and SM outlets. This creates difficulties for Western nations to understand domestic CCP Information Warfare efforts and aggregate data. The CCP faces no such impediments in its own collection of data from Western SM platforms. Even worse, with the advancements in global advertising technologies, adversaries can now purchase data on civilian and military personnel targets. One technique used to do so is Ad Geofencing, a location-based service that uses Radio-Frequency Identification (RFID), GPS, Wi-Fi, and/or cellular data to trigger pre-programmed actions. This commercial geo-tool is used by businesses to engage audiences upon their entering or exiting a geofence i.e., advertisements are channeled to target customers within a given radius via mobile marketing tools. Adversaries can use this to target political messaging, acquire information on patterns of life, and surveil real-time movements of anyone possessing a cell phone or using Google and other advertising mediums.
Second, the variety of different languages used in CCP narratives on SM, with a primary focus on traditional and simplified Mandarin, makes gaining a complete understanding of CCP IO efforts arduous and time-consuming. A relative lack of US analysts who are fluent in these languages compounds this issue. Furthermore, few training venues exist to integrate Open Source Intelligence (OSINT) and language analysis. This also makes gleaning cultural norms and nuances specific to certain contexts, and recognizing how those are leveraged in IO efforts, similarly difficult.
Third, CCP intelligence services heavily rely on state-controlled technology enterprises to access and ingest massive amounts of data to make it analyzable and thus actionable [xxviii]. For the US to counter such threats, it would have to procure such services (which entails public acknowledgement) or conduct them itself. However, the proliferation of CCP-mandated backdoors into both companies and individual’s private lives can enable offensive cyberspace operations given a reduction in cybersecurity [xxix]. There is also indication that the CCP is using the products of the abovementioned enterprises to acquire sensitive information from Western users [xxx]. This in turn touches upon the associated fear of Western use of Chinese critical equipment risking the possibility of a CCP kill switch for critical Western infrastructure during an active war [xxxi].
In sum, the above characteristics of the CS in the USINDOPACOM AOR necessitate a more agile and realistic approach to outcompete the CCP and its proxies. They also point to the CCP numerous advantages over the US, meaning that the US must invest even more in its Information Warfare efforts than the CCP does in its own. Overall, it is undeniable that the IE has become one of the primary battlefields on which great power competition takes place. Analysts, practitioners, and decisionmakers should approach it accordingly. Much like 525Tech has emulated Facebook, Twitter, Snapchat, YouTube, and VK, we would invest in recreating WeChat, Sina Weibo, Tencent Weibo, and Tencent QQ and populate these with content based on tailored context- specific (language, cultural characteristics, etc.) scenarios.
4.0 RELEVANCE OF OTHER ASPECTS ASSOCIATED WITH INFORMATION WARFARE
The utility of emulating the IE is not limited to influence operations, cyber, and EW. Given the increasing centrality of Information Warfare in the CS, an emulated IE is essential platform for conducting MREs as well as distributed and multilateral war-gaming to achieve optimal levels of readiness.
Given the US’s increased emphasis on MDO, all dimensions of IO and Information Related Capabilities (IRCs) must be considered with joint and partnered operations in mind. These include, but are not limited to: Cyber Electromagnetic Activities (CEMA); MISO; Special Operations; Civil Military Operations (CMO); Military Deception (MILDEC); Intelligence; Public Affairs (PA); Operations Security (OPSEC); and Strategic Communications (STRATCOM) [xxix]. Such an advanced training environment and mission rehearsal platform can facilitate ease of coordination between these functional areas and their training requirements.
Some units may need a mechanism to aggregate, analyze, and disseminate messaging, while other units may need realistic waveforms, protocols, and information sharing built out with robust user networks and content that can be used to generate intelligence reporting.
Details on how the various IRC mentioned above would benefit from IE training can be found in Appendix A.
Training for an array of different units on one platform enables integrated development of MDO proficiency. Mature MDO allow plans and operations to be interconnected from strategic to tactical operations, where lethal and non-lethal operations are seamlessly integrated at all levels.
The CCP is seeking to “use cyberspace and the EMS [electromagnetic spectrum] to disrupt and fracture the adversary’s system-of-systems and achieve information and decision advantage over a paralyzed, disoriented, and demoralized US or NATO" [xxxii]. Efforts to achieve this have included formation of a Strategic Support Force (SSF) in 2015 to “improve the [People’s Liberation Army (PLA)]’s capacity for operating in the cyber, electromagnetic and space domains,” and significant investment in AI to “enable improved sensor and shooter integration, situational awareness and lethality, and more rapid and automated decision-making exploiting adversaries’ OODA [observe-orient-decide-act] loops” [xxxiii]. In order to counter PLA development of these capabilities, and the CCP’s IO, cyberspace, and EW efforts at large, it is critical that the US recognize the necessity of a cross-disciplinary approach to succeeding in Information Warfare; one that is reliant on comprehensive integration with all other aspects of warfare.
IO and IRC planners, analysts, and practitioners at the Combatant Command (COCOM) and theater service levels must extensively hone the critical skills needed to carry out their missions. In the IE, mission rehearsals are critical to anticipating and engendering desired effects as well as avoiding unintended consequences. US warfighters must, for example, learn how to enable decision-making, protect blue and green C2 information, inform and educate domestic audiences, inform, and influence international audiences, and other aspects of Information Warfare. Such skills can best be developed by engaging in Information Warfare within a highly immersive and complex emulated IE. The only way to “train as you fight” on Information Advantage is by training in a holistic environment that integrates and employs IO and CEMA effects, as well as those other Information Warfare areas. This allows practitioners to train on the greater CS and brings units together that may not normally interact but are all fighting the same mission set. This allows for better communication as well as better knowledge of how to best work together before deployment. Not only can such an environment provide such an opportunity, but it can also be rapidly customized or expanded to meet each COCOM’s specific TTPs and training needs, as well as adversarial TTPs.
Footnotes
[1] In this paper, Information Warfare refers to Influence Operations (IO) and Cyber Electromagnetic Activities (CEMA), which refers to Cyberspace Operations, Electronic Warfare (EW), and Military Information Support Operations (MISO).
APPENDIX A: HOW AN EMULATED INFORMATION ENVIRONMENT CAN BE USED TO DEVELOP IRC
IE training can be used for the following IRC:
CEMA:
EW: An IE training environment can be used to extend virtual environments into the physical domain by:
Creating conditions and effects in the electromagnetic spectrum to support the commander’s intent and Concept of Operations (CONOPS)
Developing electromagnetic jamming, electromagnetic hardening, and signal detection capabilities
Creating reinforcing and complementary effects by affecting devices that operate in and through wired and wireless networks
Cyberspace Operations: an IE training environment can be used by Cyberspace Operations Practitioners to practice:
Establishing and maintaining secure communications and detecting and deterring cyberspace threats to the Department of Defense Information Network
Disrupting/destroying information on adversary computers/computer networks
Detecting, analyzing, and responding to network attacks that would compromise or cripple defense information systems and/or networks
Enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks
Interoperate with hardware-in-the-loop (HWIL) to employ OCO and DCO effects against physical systems in a safe environment
MISO: an IE training environment can provide psychological operations (PSYOP) forces a platform to disseminate messaging campaigns and measure their effectiveness on the Target Audience (TA) entirely isolated from the internet via TA Analysis
Intelligence: An IE training environment can help intel operators practice identifying and coordinating intelligence and assessment requirements that support IO planning and accompanying activities to deliver desired effects in the IE.
CMO: An IE training environment training can be used to establish, maintain, influence, or exploit relations between military forces, indigenous populations, and institutions
OSINT: an IE training environment can be used to collect, aggregate, and analyze Publicly Available Information found openly on the IE
MILDEC: IE training can be used to develop tactical deception, counter-deception, and deception capabilities to support OPSEC. These include feeding information that deliberately misleads the enemy decisionmakers as to friendly military capabilities, intentions, and operations; and leading the enemy to take actions (or inactions) that contribute to accomplishment of friendly mission
PA: IE training can be used to develop the capability to establish conditions that lead to confidence in USINDOPACOM and its readiness to conduct unified land operations. It also can be used to engage the media and key audiences to convey joint and command themes and messages to American and global audiences
OPSEC: IE training can be used to refine abilities to reduce predictability; eliminate indicators of operations; disrupt adversary information gathering; prevent adversary’s recognition of indicators by using diversions, camouflage, jamming, and deterrence; and prevent counter-analysis
STRATCOM: IE training can be used to strengthen capabilities to:
Improve US’s and weaken adversary’s credibility and legitimacy
Convince TAs to take specific actions that support US/international objectives
Cause an adversary to take (or refrain from taking) specific actions
525Tech’s Social Media Environment and Internet Replication (SMEIR) product, a “sandbox” training capability that emulates key aspects of the internet with integration of technologies that replicate the electromagnetic spectrum, can effectively deliver such a training environment to INDOPACOM.
SMEIR supports the needs of Combatant Commands (COCOMs) and theater service components on improving operational readiness in the IE and thus drastically enhancing their ability to establish a credible and robust deterrence against the CCP. The purpose of SMEIR is threefold: (1) to provide exercise designers, planners, and participants the ability to realistically replicate the dynamic nature and unique impacts of CEMA and online information, particularly SM-based information, into multiplayer training and mission rehearsal scenarios; (2) to replicate the IE in which planners and practitioners can practice and refine TTPs for collecting and analyzing such information; and (3) to ensure online exercise activities do not impact the general public, instead remaining strictly within the exercise environment.
APPENDIX B: BIBLIOGRAPHY
[i] Singleton, Craig. “Taking on China – Breaking Down the FY21 NDAA.” Foundation for Defense of Democracies. December 11, 2020, https://www.fdd.org/analysis/2020/12/11/taking-on-china-breaking-down-the-fy21-ndaa/.
[ii] Cook, Sarah. “Special Report 2020: Beijing’s Global Megaphone.” Freedom House. January 2020. Accessed June 28, 2021, https://freedomhouse.org/report/special-report/2020/beijings-global-megaphone.
[iii] Fawcett, Alicia et al. “Chinese Discourse Power: China’s Use of Information Manipulation in Regional and Global Competition.” Atlantic Council, Digital Forensic Research Lab (DFRLab) and Scowcroft Center for Strategy and Security: 3. December 2020. Accessed June 28, 2021, https://www.atlanticcouncil.org/in-depth-research-reports/dfrlab-china-reports/.
[iv] Ibid., 24.
[v] Kinetz, Erika. “Anatomy of a conspiracy: With COVID, China took leading role.” AP News. February 15, 2021. Accessed June 28, 2021, https://apnews.com/article/pandemics-beijing-only-on-ap-epidemics-media-122b73e134b780919cc1808f3f6f16e8.
[vi] Ibid.
[vii] Ibid.
[viii] Ibid.
[ix] Monaco, Nick, Smith, Melanie, and Studdart, Amy. “Detecting Digital Footprints: Tracing Chinese Disinformation in Taiwan.” Graphika; Institute for the Future’s Digital Intelligence Lab; and The International Republican Institute: 16-18. August 2020. Accessed June 28, 2021, https://www.iri.org/sites/default/files/detecting_digital_fingerprints_-_tracing_chinese_disinformation_in_taiwan_0.pdf.
[x] Iain Robertson et al. “Chinese Messaging Across the Strait: China-Friendly Narratives and the 2020 Taiwan Presidential Election.” Atlantic Council, Digital Forensic Research Lab (DFRLab) and Scowcroft Center for Strategy and Security: 25. December 2020. Accessed June 28, 2021, https://www.atlanticcouncil.org/in-depth-research-reports/dfrlab-china-reports/
[xi] Iain Robertson et al. “Targeting the Anti-Extradition Bill Movement: China’s Hong Kong Messaging Proliferates on Social Media.” Atlantic Council, Digital Forensic Research Lab (DFRLab) and Scowcroft Center for Strategy and Security: 21. December 2020. Accessed June 28, 2021, https://www.atlanticcouncil.org/in-depth-research-reports/dfrlab-china-reports/
[xii] Ibid.
[xiii] Winger, Gregory. “China’s Disinformation Campaign in the Philippines.” The Diplomat. October 6, 2020. Accessed June 28, 2021, https://thediplomat.com/2020/10/chinas-disinformation-campaign-in-the-philippines/.
[xiv] Ibid.
[xv] Ibid.
[xvi] Tang, Jane. “China’s Information Warfare and Media Influence Spawn Confusion in Thailand.” Radio Free Asia. May 13, 2021. Accessed June 28, 2021, https://www.rfa.org/english/news/china/thailand-infowars-05132021072939.html.
[xvii] Black, James and Lynch, Alice. “Cyber Threats to NATO from a Multi-Domain Perspective.” NATO Cooperative Cyber Defense Center of Excellence (CCDCOE): 133-135. December 2020. Accessed June 28, 2021, https://ccdcoe.org/uploads/2020/12/7-Cyber_Threats_NATO_Multidomain_Perspective_ebook.pdf.
[xviii] International Institute for Strategic Studies (IISS). “China’s Cyber Power in a New Era.” Asia Pacific Regional Security Assessment 2019. May 2019. Accessed June 28, 2021, https://www.iiss.org/publications/strategic-dossiers/ asiapacific-regional- security-assessment-2019/rsa19-07-chapter-5.
[xix] Fruhlinger, John. “The OPM Hack Explained: Bad security practices meet China’s Captain America.” CSO Online. February 12, 2020. Accessed June 28, 2021, https://www.csoonline.com/article/3318238/the-opm-hack-explained-bad-security-practices- meet-chinas-captain-america.html.
[xx] Fruhlinger, John. “Equifax data breach FAQ: What happened, who was affected, what was the impact?” CSO Online. February 12, 2020. Accessed June 28, 2021, https://www.csoonline.com/article/3444488/equifax-data-breach-faq-what-happened-who- was-affected-what-was-the-impact.html.
[xxi] “Significant Cyber Incidents.” Center for Strategic and International Studies, Strategic Technologies Program. Accessed June 28, 2021, https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents
[xxii] Dahm, J. Michael. “Electronic Warfare and Signals Intelligence.” John Hopkins Applied Physics Laboratory. 2020. Accessed June 28, 2021, https://www.jhuapl.edu/Content/documents/EWandSIGINT.pdf.
[xxiii] Cook, Sarah and Tiffert, Glenn. “China's Battle for Global Public Opinion” (webinar). Hoover Institute, Stanford University. April 13, 2021. Accessed June 28, 2021, https://www.hoover.org/events/chinas-battle-global-public-opinion.
[xxiv] Shen, Simon. “The World is Awakening to China’s Sharp Power.” The Diplomat. June 23, 2020. Accessed June 28, 2021, https://thediplomat.com/2020/06/the-world-is-awakening-to-chinas-sharp-power/.
[xxv] Cook, Sarah. “Special Report 2020: Beijing’s Global Megaphone.” Freedom House. January 2020. Accessed June 28, 2021, https://freedomhouse.org/report/special-report/2020/beijings-global-megaphone.
[xxvi] Lehr, Amy K., and Rep. Gallagher, Mike. “A Different Kind of Prison: Mass Surveillance in Xinjiang and Its Global Implications” (transcript). Center for Strategic and International Studies. June 28, 2019. Accessed June 28, 2021, https://www.csis.org/analysis/different-kind-prison-mass-surveillance-xinjiang-and-its-global-implications.
[xxvii] “China’s Collection of Genomic and Other Healthcare Data from America: Risks to Privacy and U.S. Economic and National Security.” The National Counterintelligence and Security Center. February 2021. Accessed June 28, 2021, https://www.dni.gov/files/NCSC/documents/SafeguardingOurFuture/NCSC_China_Genomics_Fact_Sheet_2021.pdf.
[xxviii] Dorfman, Zach. “Tech Giants are Giving China a Vital Edge in Cyber Espionage.” Foreign Policy. December 23, 2020. Accessed June 28, 2021, https://foreignpolicy.com/2020/12/23/china-tech-giants-process-stolen-data-spy-agencies/.
[xxix] US Joint Chiefs of Staff. “Joint Publication 3-13: Information Operations.” November 20, 2014. Accessed April 20, 2022.
[xxx] Ibid.
[xxxi] Gorman, Lindsay. “5G is Where China and the West Finally Diverge.” The Atlantic. January 5, 2020. Accessed June 28, 2021, https://www.theatlantic.com/ideas/archive/2020/01/5g-where-china-and-west-finally-diverge/604309/.
[xxxii] Ibid.
[xxxiii] Black, James and Lynch, Alice. “Cyber Threats to NATO from a Multi-Domain Perspective.” NATO Cooperative Cyber Defense Center of Excellence (CCDCOE): 134. December 2020. Accessed June 28, 2021, https://ccdcoe.org/uploads/2020/12/7- Cyber_Threats_NATO_Multidomain_Perspective_ebook.pdf.
[xxxiv] Ibid.
About the Author
Amanda Lockwood is the President of 525Tech. The 525Tech team provides world class cyber and information warfare training to the DoD. Before coming to the IDS-T team, Amanda served in the US Marine Corps for 9 years as an Intelligence Analyst and an offensive cyber operator. She pursued her degree in Intelligence and Security Studies with a focus on cyber and information warfare. After seeing the effects of cyber threats firsthand, Amanda became dedicated to enhancing America’s cybersecurity by providing the most realistic cyber training possible.
About the Author
Melissa Sowerwine is the Director of 525Tech and uses her background in Public and Government Affairs, and Geopolitical Analysis to support stakeholder engagement, strategic growth, and content development. Prior to 525Tech, Melissa served as the VP of Operations at Red Six Solutions, an organization specializing in strategic red teaming. Prior to that, Melissa worked for the global consulting firm Teneo, where she assisted Fortune 500 companies with reputation management, crisis management, media relations, and navigating the complex political arena in the nation’s capital. Melissa’s degree is in International Affairs and Political Science with a focus on the MENA region.
About the Author
He's the CEO and co-founder of VAST (Veracity Authentication Systems Technology), a SaaS startup that can dynamically analyze, rank, and filter information to prebunk disinformation, misinformation and bias from the point of origin. Before founding VAST, Doowan was a professor and principal investigator with the federal government where he developed and executed large technical projects on mapping influence activities. In the private sector, he led research and strategy at a large AI analytic company. He is also a full member of the Social Media Governance Task Force at Georgetown University.