The United States is being urged to adopt a Cyber Maze framework to more effectively counter China’s dynamic cyber operations.
This framework proposes a flexible, layered approach that emphasizes adaptability rather than strict deterrence, prioritizing proactive defense, resilience, and diplomatic efforts to mitigate risks without escalating conflicts.
The Cyber Maze serves as a strategic guideline for navigating the complexities of modern cyber threats.
It recognizes that cyberattacks are multifaceted and vary significantly in nature, which necessitates a versatile strategy.
By combining elements of deterrence, diplomacy, and defense, the Cyber Maze framework seeks to tailor responses according to the specific context of each cyber event.
Such a strategy is particularly relevant in light of China’s ambitions to solidify its position as a global cyber superpower, as signified by its policy initiatives like Wangluo Qiangguo (网络强国).
According to a report by the US Homeland Security in February 2025, there were 224 cyber espionage incidents involving China, with over 60 tied directly to the Chinese Communist Party.
China’s intricate cyber ecosystem is characterized by a web of formal and informal institutions that collaborate on state-linked cyberattacks.
Key players in this environment include the People’s Liberation Army, the Ministry of State Security (MSS), and the Ministry of Public Security.
Beijing’s aspirations for technological supremacy encompass ambitions in critical areas such as artificial intelligence, 5G infrastructure, and quantum computing, all while seeking to minimize its dependence on foreign technology.
These objectives are highlighted in significant Chinese policy frameworks, including Made in China 2025 and the 14th Five-Year Plan, which aim to counteract Western technological dominance and bolster national stability.
Historically, the experience of the ‘century of humiliation’ (1840-1949) has influenced China’s strategic posture, underpinning narratives of technological self-reliance and cybersecurity concerns.
Chinese cyber operations are not spontaneous but are instead coordinated efforts aimed at advancing the country’s geopolitical, economic, and military objectives.
A prime example is the 2024 US Treasury Breach, suspected to be linked to state-sponsored Chinese hackers, which targeted several federal agencies in efforts to access sensitive intelligence.
China’s cyber efforts have seen notable developments with groups like Salt Typhoon, which infiltrated global telecommunications providers, and Volt Typhoon, both of which have focused on critical infrastructure in the U.S.
The increasing sophistication of these attacks directly ties into China’s broader strategy of employing cyber capabilities as asymmetric tools for warfare.
As highlighted by Rush Doshi’s testimony before US Homeland Security on March 5, 2025, these cyber activities not only seek economic advantage through intellectual property theft but also aim to disrupt critical infrastructure and weaken public trust in governance.
Beijing’s cyber strategy has evolved from simple espionage to a more nuanced, multifaceted approach that exploits the geopolitical and ideological vulnerabilities of target states.
A detailed analysis from Graphika suggests that this evolution is a direct response to U.S. countermeasures, such as the ban on Huawei and the CHIPS Act.
Further complicating matters, AI-enabled cyberattacks have surged, focusing on accessing cloud-stored data, signaling a significant shift in technique and execution.
The CrowdStrike Global Threat Report from 2025 documented an alarming 150 percent increase in state-sponsored cyberattacks from China, with a staggering 300 percent spike in cases involving AI-related identity theft and social engineering in 2024.
China’s maze of cyber operations features a range of state-sponsored advanced persistent threat (APT) groups that have targeted various US sectors.
These groups include APT 31, linked with the MSS, which has targeted US government officials, and APT 41, accused of pilfering $10 million from US COVID-19 relief funds.
Other threats include Salt Typhoon’s targeting of US telecommunications, Volt Typhoon’s focus on infrastructure, and various groups aimed at U.S. election integrity.
The US Department of Justice has recently indicted a dozen Chinese nationals involved in APT 27 activities, which underscores the ongoing cyber espionage efforts from China.
Reports indicate that between 2018 and 2021, around 80 percent of espionage cases involved the theft of trade secrets, with trends showing an increasing normalization of such state-aligned cyber tactics.
These incidents also reflect a broader systemic shift in how nations conduct cyber-enabled espionage, integrating advancements in technology and AI.
A state-coordinated initiative has emerged in China known as the “hack-to-hire network,” which utilizes a diverse array of institutions, including private firms and academic bodies, to cultivate cyber expertise for domestic enforcement and control.
Cooperation and information sharing are pivotal for the US to navigate this complex cyber maze effectively.
Rush Doshi suggests the development of reciprocal offensive cyber capabilities as a deterrent, asserting that the threat of proportional retaliation may curb escalation.
However, the unique nature of cyber conflict presents considerable challenges in implementing traditional deterrence models.
Attribution of cyberattacks is often obscured by the use of third parties, making targeted retaliatory measures problematic.
Consequently, escalating tensions through retaliatory actions may not be advisable, given how unpredictable and prone to collateral damage cyber warfare is.
The Cyber Maze framework advocates for a more dynamic approach to risk management rather than solely relying on direct retribution.
This involves combining cooperative strategies, such as information sharing, with proactive measures that enhance systemic resilience through strategic alliances and negotiations.
The framework aims to channel responses into de-escalatory actions, including sanctions and public attribution, ultimately reducing the likelihood of unwarranted escalation.
As the US navigates the treacherous terrain of cyber threats from China, the balanced integration of these strategies could prove crucial in safeguarding its national security and interests.
Nistha Kumari Singh, a doctoral candidate and TMA Pai Fellow at Manipal Institute of Social Sciences, emphasizes that understanding and adapting to the complexities of cyber warfare is essential for preserving a state’s sovereignty and technological interests in a rapidly evolving global landscape.
This piece has been published under a Creative Commons License and can be republished with attribution.
Image source: https://www.internationalaffairs.org.au/australianoutlook/chinas-cyber-maze-challenges-and-prospects-for-the-united-states/