The Latest Indication of the PLA’s Network Warfare Strategy

Publication: China Brief Volume: 15 Issue: 24

The Science of Military Strategy 2013. A new edition released through China's National Defense University provides additional details about PLA Cyber warfare.

Comparing the Strategic Guidance for Military Struggle in Cyberspace from the 2013 and 2015 editions of The Science of Military Strategy 

The 2015 text of The Science of Military Strategy (战略学), published by the PLA’s National Defense University (NDU) in April, offers an interesting contrast with the 2013 Academy of Military Science (AMS) edition. These authoritative texts, which are used as teaching and reference materials for senior PLA officers, articulate the PLA’s thinking on and approach to military strategy in multiple domains and contexts. [1] Since the AMS has a more direct role in the formulation of military strategy, the 2013 text of The Science of Military Strategy might be more authoritative than the 2015 edition. [2] However, this NDU text also presents an influential perspective that merits closer examination. [3] Notably, the 2015 text includes not only sections on ‘military struggle in cyberspace’ (网络空间军事斗争) and network-electromagnetic space operations (网络电磁空间作战) but also a full chapter on measures to establish and develop the PLA’s cyberspace forces. [4]

There are sections within this 2015 text that seem to reflect a relatively distinctive approach to certain issue areas, including military struggle in cyberspace. The various differences and divergences between these two texts might indicate variance in perspective at the institutional level and/or a discernible change in the PLA’s recent strategic thinking on conflict in this new domain. [5] Although this limited, preliminary comparison of the 2013 and 2015 texts hardly allows for a definitive assessment of the potential shifts in China’s strategic thinking on cyber warfare during this timeframe, this recent edition of The Science of Military Strategy does introduce certain concepts that are new relative to the 2013 AMS text, including the prioritization of defending China’s cyber sovereignty (网络主权) and “cyber borders” (网络边疆), while also articulating the intention to establish a “cyberspace forces leadership structure” (网络空间力量领导体制), analogous to U.S. Cyber Command. [6]

New Perspectives on Cyber Reconnaissance and Cyber Deterrence?

At a basic level, the AMS and NDU texts differ in their respective categorizations and definitions of the forms of cyber warfare, especially with regard to cyber reconnaissance and cyber deterrence. [7] In the 2013 text, cyber reconnaissance is discussed as inherently related to and potentially the precursor for cyber attack; in the 2015 text, on the other hand, the espionage-related aspects of cyber reconnaissance are emphasized. By the AMS text’s characterization, cyber reconnaissance is typically “the preparation for probable future cyber attack operations.” However, the 2015 text does not mention the technical or operational linkages between cyber reconnaissance and cyber attack. Rather, according to that text, “cyber espionage struggle has become the most apparent form of peacetime military struggle in cyberspace.” Here, the U.S. National Security Agency’s program Prism is discussed as an indication of the extensiveness and sophistication of U.S. cyber espionage activities. This allusion to U.S. cyber espionage and the addition of “counter-reconnaissance” could perhaps reflect the impact of Edward Snowden’s revelations upon the PLA’s perceptions of China’s vulnerability to U.S. cyber capabilities.

While the 2013 and 2015 texts each recognize the strategic significance of cyber deterrence, this concept is seemingly more highly prioritized and discussed with additional nuance in the 2015 text. As of 2013, there was uncertainty associated with the AMS characterization of cyber deterrence; at that time, the authors mentioned that the existence of “very large differences” of opinion on cyber deterrence, such that the “theories and practice of cyber deterrence” were ‘still pending improvement’ and required further development. On the other hand, in the 2015 text, cyber deterrence is discussed with less uncertainty and divided into strategic and tactical levels. According to the NDU text, “strategic-level cyber deterrence” (战略级网络威慑) involves the demonstration of cyber attack capabilities, which would have massive destructive power if used against an enemy’s political, military, and economic targets, including C4ISR systems, while “tactical-level cyber deterrence” (战术级网络威慑) primarily entails the use small-scale cyber attacks in order “to ensure the maintenance of national security in peacetime.” Notably, this discussion of tactical-level cyber deterrence seems relatively unique, compared to previous such publications, which may reflect the PLA’s concern with deterring not only large-scale cyber attacks but also lower-level cyber threat activities. However, the actual operationalization and potential efficacy of such an approach to cyber deterrence is another question entirely.

Comparing the 2013 and 2015 Texts’ Strategic Guidance for “Cyber Military Struggle”

The strategic guidance (战略指导) for this new form of military struggle evolved between the 2013 and 2015 texts, and it is notable that each articulates a relative emphasis on defense. Nonetheless, each text also emphasizes the criticality of the “cyber battlefield” to winning future informationized wars in this and other sections of the text. The NDU text asserts, “victory in war first starts from victory in cyberspace; whoever seizes the initiative in cyberspace will win the initiative in war.” Concurrently, there is also, however, a defensive orientation relative to the PLA’s previous strategic guidance on cyber warfare, which, as of the 2001 text of The Science of Military Strategy, under the aegis of strategic information operations, included the exhortation to “gain the initiative through striking first and seize the decisive opportunity” (先发制人, 掌握先机), while implementing “active offense” (积极进攻). However, as of the 2013 or 2015 editions, the PLA’s concept of ‘military struggle in cyberspace’ appears more directly linked to its overall strategy of active defense, despite still emphasizing an offensive approach to cyber warfare in a wartime scenario.

In the 2013 text, the first strategic guidance is to “establish the protection of the safety of the nation’s important information and information networks as the fundamental objective.” [8] This clear emphasis on the defensive is followed by a second strategic guidance to “manage well’ the relationships of peacetime and wartime, attack and defense, and deterrence and warfare in cyber confrontation. Under the aegis of this guidance, the authors note that relative to its “primary strategic adversary,” implicitly the U.S., China is inherently at a disadvantage in cyber confrontation, such that it should “give priority to defense; give simultaneous consideration to attack and defense” (以防为主, 兼顾进攻). Although this emphasis on defense doesn’t detract from the focus on offense and potentially even preemption in the scenario of an informationized war, the strategic guidance as listed does seem to indicate the PLA’s intensified concerns about its relative vulnerability and the necessity of enhancing its defensive capabilities.

After the preceding two points, the third element of the guidance listed in the 2013 text, which discusses the PLA’s intentions to establish three forms of “specialized cyber operations forces” (专业网络作战力量), should not necessarily be assessed as an indication of predominantly offensive intentions, since such forces could have both offensive and defensive applications. These three types of cyber forces are “specialized military cyber warfare forces” (军队专业网络战力量); “PLA-authorized forces” (授权力量); and civilian forces (民间力量), as has been previously discussed (China Brief, April 16). [9] This commitment to developing and advancing China’s cyber forces and capabilities is also reaffirmed and further detailed in the NDU’s 2015 text.

Looking now to the strategic guidance for cyberspace military struggle within the 2015 NDU text, the first listed elevates the defensive orientation evident in the 2013 text to an even higher level, with the exhortation to “defend cyber borders; guard cyber sovereignty and national security” (守卫网络边疆, 捍卫网络主权和国家安全). Although the concept of “cyber sovereignty” (网络主权) has been increasingly prioritized by and prevalent in the statements of China’s civilian leadership, including during the recent World Internet Conference in Wuzhen, this is apparently the first time that this concept has been used in a PLA publication with this level of authoritativeness (China Brief, September 4). So too, the notion of cyber borders (网络边疆), while previously discussed in the broader PLA literature, especially in the writings of Major General Ye Zheng, a member of the PLA’s Strategic Advisory Committee and an influential information and cyber warfare theorist, is also new relative to the 2013 text. [10] Here, the authors argue, “cyber[space] lacks borders, but has sovereignty.” Their starting point for asserting the importance of protecting cyber sovereignty is the Arab Spring, with the argument that cyber sovereignty is essential to prevent an enemy from ‘engineering societal chaos’ and to maintain political stability. In this regard, the PLA’s strategic guidance is directly linked to the CPC’s priority of preserving stability to ensure its own predominance and survival. [11] [12]

Next, the 2015 text sets forth the guidance of “active defense; contain [and] win future wars” (积极防御, 遏制并打赢未来战争). Consistent with multiple previous PLA publications, “seizing cyber superiority” (夺取网络制权) and information superiority are seen as the foundation for seizing battlefield superiority in its entirety. Here, in the context of a potential conflict, there is an emphasis on the cyber-attack as a means to achieve victory. Nothing that multiple nation-states, including the U.S., have developed offensive cyber strategies, the authors argue that there is an imperative for active defense, as well as an emphasis on “integrated deterrence and warfare” (慑战一体). This framing of China’s approach to military struggle in cyberspace within the context of the PLA’s overall strategy of active defense, which is strategically defensive but can be operationally and tactically offensive, is clearer than in previous such publications. This emphasis on active defense indicates that the PLA might justify the use of offensive cyber campaigns and tactics as defensive, even an integral element of national defense, at the strategic level.

Questions for Future Analysis:

Such an initial comparison of the 2013 and 2015 editions of The Science of Military Strategy, while only a preliminary step in support of more comprehensive analysis of these authoritative new texts, seems to offer indications of potential changes in the PLA’s strategic thinking on cyber warfare during this timeframe. Certainly, the implications of these competing or perhaps complementary texts, as well as their relative authoritativeness, remains a question for further consideration. So too, the realization at the organizational and operational levels of the strategic concepts and theories articulated in these texts remains to be seen. However, at the strategic level, the inclusion of the concepts of cyber sovereignty and cyber borders, as well as the clear linkage of the PLA’s approach to military struggle in cyberspace with its overall strategy of active defense, offers insights on the PLA’s evolving strategic thinking on cyber warfare.

Notably, in a later chapter of the 2015 text, there is discussion of specific measures to advance the development of China’s cyber forces, including the establishment of a “authoritative, unified leadership and command organization” (权威的统一领导指挥机构). This section seems to support previous articulations of and recent reports regarding the PLA’s intentions. Even the 2015 defense white paper on “China’s Military Strategy,” a document intended for and presented to an international audience, had emphasized that China must “expedite the development of a cyber force” (State Council Information Office, May 26). Against the backdrop of announcements on the PLA reform agenda, there have also been media reports that China will seek to consolidate its cyber warfare units, which are currently dispersed across multiple units and ministries, into a command that would report directly to the Central Military Commission (Bloomberg, October 22). Perhaps, as PLA reforms progress, there could be an official announcement of the establishment of such a command, which would offer the necessary clarity regarding such a substantive organizational change in the PLA’s approach to cyber warfare.

Elsa Kania is currently a senior at Harvard College and works part-time as a research assistant at the Belfer Center for Science and International Affairs. She was a 2014-2015 Boren Scholar in Beijing and previously worked as an intern in the cyber security industry.


1. See M. Taylor Fravel’s “The Evolution of China’s Military Strategy: Comparing the 1987 and 1999 Versions of ZHANLÜEXUE” (2005) for a detailed comparison of earlier editions of these texts and further discussion of their authoritativeness. China’s Evolving Military Strategy (2016) will offer a comprehensive analysis of the AMS’ 2013 edition of The Science of Military Strategy.

2. Thank you to Larry Wortzel and Joe McReynolds for sharing helpful insights regarding this 2015 text’s relative authoritativeness.

3. For instance, whereas the 2013 text was released in the name of a committee of authors, under the aegis of a particular research department, the names of the individual authors of various chapters are listed for the 2015 text.

4. Although the Chinese word that is typically translated as “cyber” (网络) literally means “network” and does not correspond precisely with the U.S. concept, I will use the prefix “cyber” in my translations of these terms for the purposes of this article.

5. At a very basic level, there is a divergence in the terminology used in the 2013 AMS and 2015 NDU texts of The Science of Military Strategy. The AMS frequently refers to the cyber domain (网络领域), but the NDU consistently uses the term cyber space (网络空间) instead. Although this two-character difference might seem trivial, this terminological divergence might reflect that the AMS perceives the cyber domain as a distinct domain of warfare, whereas the NDU might instead perceive “military struggle in cyberspace” primarily as an element of and force multiplier for conventional warfare. However, this slight difference could also reflect that there have simply been different terms used for comparable concepts, as has also occurred in a U.S. context.

6. Although the concept of cyber sovereignty, as well as that of cyber borders, has previously been discussed in the PLA literature, as well as extensively by China’s civilian leadership, this is, to my knowledge, the first time that these concepts have been introduced into a military text with this level of authoritativeness.

7. While the 2013 text discusses cyber reconnaissance (网络侦察), cyber attack and defense operations (网络攻防作战), and cyber deterrence (网络威慑), the 2015 text discusses first cyber deterrence, then cyber reconnaissance and counter-reconnaissance (网络侦察与反侦察), and finally lists cyber attack and cyber defense separately.

8. Specifically, by the authors’ characterization: “China’s objective for military struggle in the cyber domain is self-interested but not harmful, involving evidently defensive, not damaging features. The aim of China’s cyber domain military struggle…is to restrict the scope of an adversary’s cyber attack [and] limit the influence of an enemy’s cyber destruction to within a scope that our side can endure.” [emphasis added]

9. Since this guidance seems to direct that such forces be established, it might perhaps be interpreted as articulating the PLA’s intention and objective, which is likely in some stage of actualization, rather than a finalized, status quo configuration of forces. For instance, the text characterizes forces within civilian government ministries as under the PLA’s authorization, but the PLA’s actual command and control of those forces might still be subject to debate and pending future consolidation and reorganization

10. See, for instance, “对网络主权的思考” by Ye Zheng (叶征), published in the August 2015 edition of China Information Security.

11. With regard to the CPC’s priorities in this regard and for a more expansive discussion of China’s cyber strategy, see: Amy Chang, “Warring State: China’s Cybersecurity Strategy,” December 3, 2014.

12. Perhaps, the elevation of the concept of “cyber sovereignty” in this context might even be interpreted as an indication that Beijing is starting to conceptualize the defense of its cyber borders as associated with its national core interest (核心利益) of sovereignty and territorial integrity.