Will China’s New Theater Command Structure Effect Cyber Espionage Operations?

NEW 160203 - cwbox03In February, Chinese President Xi Jinping announced that the People’s Liberation Army’s (PLA) current structure of seven military regions (MRs) would be replaced by five new Theater Commands (TCs) – Eastern, Southern, Western, Northern, and Central.  The objective of this effort is to modernize China’s military into a joint operations force similar to the construct of the U.S. combatant commands. The old MR construct has been in place since the founding the Peoples Republic of China in 1949.

The new reorganization of the PLA is a major initiative that comes on the heels of two other military reforms already underway: the reform of the “four general headquarters/departments” system meant to overhaul China’s top-heavy senior leadership hierarchy, and the establishment of the specialized forces such as the Rocket Force (which ostensibly replaces the current 2nd Artillery Force, the entity that oversaw the country’s nuclear capabilities), an effort to modernize its nuclear deterrent and conventional missile capabilities, and the Strategic Support Force, a unit dedicated to cyber operations that will focus on “technological war” – both in space as well as via the Internet.   The elevation of both into their own separate units reflects the importance the PLA places on these capabilities, and their applicability toward how future conflicts will be fought.

According to Chinese Press, the five Theater Commands will have their own strategic directions and defense responsibilities. It remains uncertain if they will retain some of the same mission requirements that their predecessors had. One of the “improvements” in the new organizational structure is the reduction of overlapping areas of responsibility the previous model had.  For example, under the MR arrangement, Lanzhou and Chengdu MRs both would be involved in any activities involving India and/or Pakistan.  The new model should in theory alleviate such discrepancies.

One notable development with the new management system is that it’s designed to support proactive defense rather than solely regional defense. This means that the TCs would be able to attack proactively once a conflict broke out, rather than wait until defending once the enemy breached China’s borders.  “Active Defense” was initiated in China’s 2015 Military Strategy white paper and is now reflected in its military reforms, and reinforces its commitment to winning local wars under informatization.  Based on this strategy, the realignment to more streamlined, joint operations-focused commands makes sense particularly as China concentrates on regional maritime concerns and encroachment of the West in the Asia-Pacific region.

However, how does this restructuring affect military-related cyber operations?  Prior to realignment, China’s MRs each possessed one or more military units known as Technical Reconnaissance Bureaus (TRB) that possessed at least some cyber exploitation capability believed to support mission areas of the MRs.  However, with the Strategic Support Force (SSF) in place, such cyber units may move out from under the Third Department’s control.  According to one report, SSF’s responsibilities will include the “five domains” of intelligence, technical reconnaissance, electronic warfare, cyber offense and defense, and psychological warfare.”  This suggests that tasking of cyber reconnaissance efforts may be directed from a higher authority than just the Third Department.

Some of the cyber espionage activity believed to be conducted by such TRBs was partially attributed based on the mission areas of their MR, although the wide variety and overlapping of targets suggest more of an autonomous reality. Whether China’s acknowledgment of the hackers alleged to be from its military cadre were engaged in criminal operations and not state directed ones is true, the consolidation of these cyber forces would certainly provide more oversight of their activities, and a more difficult time explaining away their actions if caught in the future.

Since the arrest of these hackers and the no-hack agreement established between China and the United States (as well as other members of the G-20), there has been limited reporting of ongoing suspected Chinese cyber espionage tied to military individuals or units, many believing that the bulk of these activities being transferred to Chinese civilian intelligence agency responsibilities. If true, this may very well mean that the military’s cyber forces will focus on more strategic endeavors that support the goals of China’s recent military reforms and the objectives outlined in the 2015 Military Strategy.