China’s Trump Cards for Trump 2.0
As China braces for upcoming US challenges, cyber escalation is likely
Chinese media are chattering about the result of the November 5 US presidential election, what comes next in US-China relations, and how to maneuver in uncertain times. Common themes emerge: “we (China) have seen this before”; there is “nothing to be afraid of”; and “we are ready to take the challenge.” To put this sentiment in perspective, it is worthwhile to look back five years to gain a better understanding of the Chinese government’s attitude toward a second term Trump presidency and the potential cyber implications in 2025.
China’s Three Trump Cards
During the high-tension US-China trade war in June 2019, Fan Yongpeng (范勇鹏), professor and deputy director of the China Institute at Fudan University, told the audience of the “This is China” TV talk show that China had three “trump cards” (王牌) to win that trade war. These three trump cards were: political autonomy; a complete industry and technology ecosystem; and a large-scale economy. Fan’s boss at the China Institute, Zhang Weiwei (张维为), who was co-hosting the talk show, told the audience that he was optimistic about US-China relations in the future. He cited two idiomatic English expressions that he saw as summing up the “characteristics of Americans.” One is that “things may have to get worse before they get better.” Zhang explained, “This is largely in line with the dialectics of progress, which comes through conflicts [that help us] to understand adversaries or competitors, building a new balance from a new foundation, then better communication takes place.” He had in mind the Marxist idea that history moves forward in a dialectic way, through pendulum swings that eventually yield gradual progress. The other expression is “if you can’t beat them, join them.” Zhang said that “the US intends to contain China’s rise, but they will realize it fails in the end, then they will change” and will give up on trying to “beat” China and will “join” it instead.
Professor Zhang may be overconfident that the US would “change” to China’s liking. However, People’s Daily, the official news media of the Chinese Communist Party (CCP), praised Zhang’s statement, saying he had used “his voice to shout out his deep confidence in the China Model,” referring to China’s distinctive developmental path. In fact, Zhang was considered a renowned scholar in the study and promotion of the China Model and China’s Discourse Power.
Five years later, in March 2024, when Zhang gave a speech about former President Donald Trump “making a comeback” in the US Presidential election, Zhang stated that “the American political system is genetically flawed, and I am afraid that whether Trump returns to the White House or not, America’s national fortunes will continue to decline.” … “For China, we will deal with the political changes in the United States calmly. As the Chinese saying goes: when the enemy invades with soldiers we fight back with military; when the flood comes we build a dam with soil (兵来将挡, 水来土掩).” Zhang used a Chinese phrase that means “be flexible and solve problems with the right plan.” Zhang continued, “We believe that the United States has lost the ‘trade war,’ basically lost the ‘war of science and technology’ as well, and will eventually lose the ‘financial war.’” Zhang ended the speech by confirming, “Time is on our side. History is on our side. This is still our position today, and if anything has changed, that is that we have more confidence in overcoming the US challenge.”
Well, that was quite confident! Although Professor Zhang Weiwei didn’t give any concrete evidence to back up what he said, the confidence from Chinese scholars like Zhang that China can handle the potential uncertainty of US-China relations in the upcoming new US administration is a prominent theme in China’s state-approved messaging. On the other hand, China’s confidence also means China would not fear confrontation with the United States, as Chinese Foreign Minister Wang Yi put it in 2021, and as various Chinese official remarks continue to stress.
In some ways China appears to have an even stronger grip on the three trump cards that Professor Fan cited in 2019. China’s top leader Xi Jinping has secured his seemingly forever-term in power with a tight grip on China’s political and economic life and public discourse. China can be said to have political autonomy in global affairs because China claims that the country and its Communist Party leadership “does not have to listen to any big brothers”. China has joined with Russia in proclaiming progress toward a “new world order” that is less dependent on the US dollar and Western financial institutions. China has continued promoting self-reliance and the building of its own industry and technology ecosystem. This includes taking steps toward a leading role in shaping international technical standards, “for everything from 6G to quantum computing,” as the Economist reported, rather than having to conform with technical standards developed by other countries. Lastly, US officials report that China has continued its global economic expansion through investments in places like Africa. In some ways, China still appears to hold the updated 2.0 trump cards .
Chinese scholars’ patriotic bluster may not paint a complete picture of reality. Analysis from overseas media is evenly split on whether China is looking stronger or weaker than it did five years ago. For example, China’s domestic computer chips still show a “gap in capability from the most advanced varieties made in Taiwan, using technology from the United States, Europe and Japan,” as a New York Times analysis pointed out. Some of the cockiness in official Chinese pronouncements may be aspirational, intended to bolster the morale of China’s domestic innovators and investors.
Volt Typhoon: Things Continue Getting Worse
In the context of China’s determination to overcome whatever challenges the country will face from the new US administration, looking into the cyber front, we have seen that cyber operations from China have evolved since 2015. A significant turning point was the revelation in May 2023 that Chinese state threat group Volt Typhoon had targeted US critical infrastructure. Subsequently the US government officially reported on Volt Typhoon following the US Department of Justice (US DoJ)’s takedown of a botnet allegedly used by Volt Typhoon in January 2024. US officials pointed out that China’s “historical focus on stealing state secrets and espionage,” meaning cyber espionage for political and economic interests, has evolved into a more ominous intention to prepare for destructive attacks. As US officials said, Volt Typhoon campaigns show “a new interest in preparing and launching destructive cyberattacks against US electricity systems, water utilities, military organizations and other critical services,” and the intent is to “cause disruption and sow societal panic, especially in the event of a military conflict.”
If China, indeed, is preparing for and pre-positioning the country for any kind of military conflict using cyber means – such as if the US military helped Taiwan resist a potential Chinese attack – this makes us wonder what China’s next move will be in other than a military conflict. As we know, cyber activities for the purpose of pre-positioning can also be a form of deterrent, such as to make the future Trump administration think twice about coming to the aid of Taiwan. Influencing the US policy-making process or stealing intellectual property through cyber espionage to further China’s strategic goals also likely remain on the regular Chinese threat activity agenda.
Cyber operations are often stealthy. Threat actors pre-positioned in US infrastructure, if not detected, could stay in the systems for a long time. Publicity about Volt Typhoon may have led to new awareness and detections of formerly hidden Chinese pre-positioning. In early November 2024, Bloomberg reported that Volt Typhoon targeted Singtel, a Singapore telecommunications carrier. Although Bloomberg did not give any details of its sources that confirmed the Volt Typhoon attribution, the report cited two unnamed individuals, who are “familiar with the matter,” stating the Singtel case was “a test run by China for further hacks against US telecommunications companies, and information from the attack has provided clues about the expanding scope of suspected Chinese attacks against critical infrastructure abroad, including in the US.” Following Bloomberg’s report, the Register, an online technology news publication headquartered in the United Kingdom (UK), confirmed with Singtel that the company “detected malware in June,” which was the same breach timeline Bloomberg reported. However, Singtel didn’t confirm the Volt Typhoon attribution. Subsequently, A November 12 report from SecurityScorecard, a cybersecurity company based in New York, said Volt Typhoon “has returned, more sophisticated and determined than ever” by expanding its global network with compromised routers, rebuilding its KV botnet, and using New Caledonia, the French-owned Pacific island nation off the coast of Australia, as a covert hub for cyber espionage, potentially providing an undetectable route to attack US targets.
Despite the lack of details to bolster the Volt Typhoon attribution (again?), the US and the so-called Five Eyes countries (US, UK, Canada, Australia, and New Zealand) have confirmed in a February 2024 Joint Cybersecurity Advisory that “Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations—primarily in Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors—in the continental and non-continental United States and its territories, including Guam.” However, the Singtel and other breaches happened later in 2024, after the exposure of Volt Typhoon activities and the publication of the Joint Cybersecurity Advisory. It seems that Volt Typhoon has not stopped its threat activities at all. It has been joined by other state threat groups: Flax Typhoon, which developed a botnet potentially usable “as a proxy to conceal their identities while deploying distributed denial of service (DDoS) attacks or compromising targeted U.S. networks”; Salt Typhoon, which compromised US Internet service providers to obtain access to US law enforcement wiretap services and the US presidential and vice-presidential candidates; and an unnamed campaign to tap the cellphone of Trump lawyer Todd Blanche. These Typhoons have all undertaken espionage activities that could facilitate future disruptive or destructive attacks or to influence the future president’s decision-making.
If China’s leaders believe the English saying that “things may have to get worse before they get better,” it looks like at least from the China side that “things” – a second-term Trump administration and the US-China relations - are still on the path to get worse, and potential escalation of Chinese cyber threat activity is very likely in the near future.