The People's Republic of China's Cyber Coercion: Taiwan, Hong Kong, and the South China Sea

The People's Republic of China's Cyber Coercion: Taiwan, Hong Kong, and the South China Sea

This paper investigates the increasing use of cyber coercion by the People's Republic of China (PRC) among its core interests: Taiwan, Hong Kong, and the South China Sea. It argues that the PRC's deployment of sophisticated attacks in the form of cyber coercion continues to be part of its geostrategic playbook to exert its influence and prosecute its wider interests as a rising power in the Indo-Pacific region. However, it observes that cyber coercion will be employed by the PRC in concert with all the other tools - diplomatic, economic, and the political - across the spectrum. The paper has two broad goals: first to unpack the trends or patterns in the PRC-sponsored cyber coercion by accentuating contextual and operational dimensions using Taiwan, Hong Kong, and the South China Sea as analytical case studies; second, to highlight the opportunities and limitations of using cyber coercion as an asymmetrical capability in the changing threat landscape. The paper concludes that the PRC's cyber coercion is characterized by blurring the distinction on what constitutes compellence and deterrence. The boundaries are not clear cut, and to a certain degree both are even mutually reinforcing. The in-depth analysis of the case studies reveals the growing prominence of disinformation campaigns in close coordination with cyber operations (malware, phishing, and DDoS attack). This emboldens the PRC with a myriad of coercive strategies in shaping its external environment and realizing its ambition of national rejuvenation across Taiwan, Hong Kong, and the South China Sea.