China Conducts Anti-Terror Cyber Operations With SCO Partners

"Xiamen-2015" Internet Counter-Terrorism Exercise Logo (Source: Xiamen TV)

China has conducted its first joint Internet Anti-Terror Exercise (网络演习), “Xiamen 2015,” with the members of the Shanghai Cooperation Organization (SCO) (Xinhua, October 14). Teams from all of the SCO’s member states, China, Kazakhstan, Kyrgyzstan, Russia, Tajikistan and Uzbekistan, participated (Xiamen TV, October 14). This follows a traditional joint counter terrorism exercise, “Counter-Terrorism in Central Asia-2015” held in Kyrgyzstan on September 16 (Regional Anti-Terrorist Structure, September 19).

Though unconfirmed, the exercise’s location in Xiamen, far from traditional SCO exercise areas in China’s west, might reflect the involvement of the Chinese Military’s General Staff Department (GSD) Third Department, responsible for electronic surveillance and data collection. The Third Department also plays a role in border security and counter-terrorism activities.

The Internet anti-terrorism exercise, which was decided upon in April, is meant to improve SCO member state authorities’ ability to investigate and prevent the use of the Internet for promotion of the “three evils”: terrorism, separatism and extremism. The exercise simulated a terrorist group’s use of websites, forums and social media within SCO member nations to incite terrorist, separatist and extremist activity. A key focus of the exercise was improving SCO members’ ability to coordinate and share information (Xinhua, October 14).

Shanghai Cooperation Organization Regional Anti-Terror Structure (RATS) executive committee director Zhang Xinfeng directed the exercise. Reflecting the coordination with law enforcement authorities, Ministry of Public Security (MPS) deputy minister Chen Zhimin (陈智敏), as well as members of the local Fujian province Public Security Bureaus also attended.

The SCO initially set up an Internet expert group in September 2013 as part of the 2013–2015 outline of SCO Cooperation and began to strengthen Internet counter-terrorism law enforcement (Xinhua, October 14; Xinhua, September 14, 2013). The exercise, then, represents a further expansion of this cooperation. A key part of cross-border monitoring and information sharing will be enhanced ability to predict attacks and identify extremist networks.

Chen Zhimin, who is also a deputy director of the State Internet Information Office, has repeatedly emphasized the importance of improving China’s Internet monitoring and early warning systems (China Economic Net, January 23; MPS Website, May 20). His speeches reportedly acknowledge vulnerabilities (“loopholes” or “backdoors,” 漏洞,隐患) within the system and call for improvements to the technology (MPS Website, August 4).

The early warning capability in particular has become even more important in the wake of knife attacks in Xinjiang and bomb blasts in Guangxi province (RFA, September 22; Xinhua, October 2). SCO members are eager to improve their ability to monitor and predict extremists movements across their borders.

Increased cooperation in the arena of counter-terrorism also neatly dovetails with China’s new Internet Security Draft Law, promulgated in July of this year (National People’s Congress Website, July 6). The first section of the Internet law calls for “vigorous development” of international exchanges and cooperation in pursuing and preventing cybercrime and terrorism.

The other dominant partner within the Shanghai Cooperation Organization, Russia, has also demonstrated considerable concern about the use of the Internet by terrorists. Last year, it began blocking a number of websites related to the Islamic State, and has been active in suppressing extremist presence on social media within Russia (Eurasia Daily Monitor, September 11, 2014; Eurasia Daily Monitor October 31, 2014). Earlier this year Russia’s Federal Security Service (FSB) highlighted the issue during a briefing for the United Nations Counter-Terrorism Committee by (UN, February 13).

Russian and Chinese citizens have joined the Islamic State, and Internet monitoring—particularly of social networks—offers perhaps the best means of identifying these individuals, preventing them from going abroad and knowing if they plan to return (Reference News, June 15; Global Times, January 23). The return of these radicalized citizens to their home countries, perhaps presents the greatest threat.

Although the focus of “Xiamen 2015” and future SCO cyber exercises will be terrorism, China and Russia also share broader goals for the Internet. Both countries are increasingly focused on setting up “intranets,” further limiting internet access beyond their borders. Political control is an integral part of China’s cyber strategy (China Brief, April 16). The “three evils” classification—and separatism and extremism in particular—are broad enough to include a large number of non-terrorism-related groups and activities that would nevertheless fall under Chinese cyber rules.

Xi Jinping’s recent state visit to the United States offered some hope that the U.S. and China could resolve some of the issues regarding cybercrime. However, recent reports have indicated that Chinese cyber-espionage against targets in the United States are proceeding unabated. Still, there might be room to achieve a much more limited “consensus” between the two countries on cyber issues regarding the (much more limited) issue of terrorism (State Council Information Office Website, September 25; White House, September 25). For the members of the Shanghai Cooperation Organization, such information sharing could help better leverage their more limited policing resources to stop the flow of extremist ideas and volunteers from Eurasia to Syria and the Islamic State and back again.