Over the past ten years, China has ramped up its cyber warfare operations, becoming responsible for more than a third of the world’s cyberattacks. The country has notably amassed a vast collection of Zero Day Exploits (ZDE)—software vulnerabilities unknown to developers that allow hackers to penetrate computer networks. In 2023, China held over 80% of the available ZDEs, reinforcing its dominant position in the realm of cyber warfare.
China is now the global leader in cyberattacks due to its extensive collection of Zero Day Exploits (ZDE). These software vulnerabilities, sometimes sold for over a million dollars on the black market, enable large-scale hacking operations. China uses these exploits to conduct espionage and sabotage operations worldwide, making it the primary global cyber threat.
Zero Day Exploits: valuable cyber weapons
A Zero Day Exploit is a software vulnerability unknown to the developers. These flaws allow hackers to access networks undetected. They are especially valuable in cybersecurity as they offer an unsecured entry point into computer systems. Discovering a ZDE is rare and costly, and its value can vary based on its effectiveness and the scope of the attacks it can enable.
For example, some ZDEs targeting software used by millions of users worldwide can be worth over one million dollars. While cybersecurity firms offer bounties for discovering these vulnerabilities, a more lucrative black market exists, where governments and criminals pay significantly higher sums for these flaws. This underground market is fueled by the growing demand from states, notably China, which uses these vulnerabilities for cyber espionage and sabotage operations.
China’s role in cyber warfare
For several years, China has accumulated an impressive collection of ZDEs, giving it a dominant position in cyber warfare. With over 80% of the ZDEs available globally, China could potentially launch large-scale cyberattacks against its adversaries. Although the country is not officially at war, this collection of exploits represents a powerful weapon in its cyber arsenal.
In theory, preparing for cyber warfare is similar to preparing for armed conflict. Nations accumulate “ammunition,” which in this case refers to unpatched security vulnerabilities. China and the United States are the two superpowers in this new form of conflict, with massive digital arsenals. However, in recent years, China has taken the lead by heavily investing in its cyberattack capabilities, recruiting hackers, and developing partnerships with criminal organizations.
System infiltration through malware
One of the primary methods used by Chinese hackers is infiltrating networks through malware. These programs, often introduced via ZDEs, turn infected computers into zombies or bots, controlled remotely by hackers. These “zombies” can be used to steal, modify, or destroy sensitive data, or even paralyze entire computer systems.
The use of malware has become a true industry. Beyond basic spam and simple attacks, Chinese hackers specialize in industrial and military espionage. These activities allow them to steal technological secrets, obtain confidential information on defense projects, and undermine the economic and military capabilities of targeted nations. The strength of these attacks lies in the hackers’ ability to exploit ZDEs before the flaws are fixed by software developers.
The use of mercenaries in cyber warfare
In this race to accumulate exploitable vulnerabilities, states do not hesitate to employ cyber mercenaries. China openly encourages its hackers to attack foreign targets, particularly the United States and Japan. The country also uses criminal organizations to conduct cyberattacks, an arrangement facilitated by China’s authoritarian state, which maintains strict control over these groups while using them for strategic purposes.
The use of mercenary hackers has become widespread as cyber warfare becomes a key component of modern conflicts. These mercenaries provide novel vulnerabilities, develop custom malware, and carry out espionage operations on behalf of governments. This outsourcing allows states like China to quickly increase their offensive capabilities in cyberspace without directly mobilizing their own resources.
The economic and strategic consequences of Chinese dominance
China’s dominant position in cyber warfare has deep economic and strategic consequences. In addition to financial losses linked to intellectual property theft, Chinese cyberattacks weaken the defense and intelligence capabilities of targeted countries. Each year, billions of dollars are lost due to cyberattacks, whether from data theft, industrial sabotage, or disruptions to critical infrastructure.
Moreover, China’s dominance in this field strengthens its position as a technological superpower capable of rivaling the United States. China’s offensive capabilities in cyberspace are a major strategic asset in current geopolitical tensions, particularly in the Sino-American rivalry. While the United States and its allies seek to bolster their defenses, China continues to expand its digital arsenal, placing its adversaries in an increasingly vulnerable position.
Toward a generalized cyber conflict?
Cyber warfare, though invisible to the general public, is now a major threat to global security. As China continues to strengthen its offensive capabilities, the United States and its allies will need to intensify their efforts to defend against this form of conflict. The risk of a large-scale cyberwar, involving attacks on critical infrastructure (electric grids, communication systems, financial infrastructures), is now very real.
China’s power in the field of cyber warfare also raises the question of international regulation. As cyberspace becomes a full-fledged battleground, it is essential that international agreements are put in place to limit the escalation of tensions and prevent open conflicts. Cyber warfare, though silent, is now an unavoidable reality in modern geopolitics.
War Wings Daily is an independent magazine.