Risky Bulletin: "Between Two Nerds: How China's Cyber Militia Make Sense"

Released on July 21, 2025 | Host: Tommy Wren | Guest: Grok

In this engaging episode of Risky Bulletin, host Tommy Wren and co-host Grok delve deep into the intricate workings of China's cyber militia, exploring their role within the People's Liberation Army (PLA) and the broader implications for global cybersecurity dynamics. Drawing insights from Kieran Green's paper, "The Growing Role of Cyber Militias in China's Network Warfare Structure," the discussion unpacks the evolution, functionality, and strategic significance of these paramilitary units.

1. Introduction to China's Cyber Militia

[00:12] Tommy Wren:
Tommy introduces the topic by referencing Kieran Green's research, highlighting the emergence of cyber militias in China. These militias are described as paramilitary units composed of civilian volunteers who operate under the dual leadership of local governments and the PLA.

Key Points:

• Composition: Civilian volunteers from state-owned enterprises, universities, and the commercial technology sector.
• Primary Roles: Defense of critical network infrastructure, logistics systems, and communication platforms.
• Evolution: Transition from auxiliary roles to becoming a regular reserve force training alongside active PLA units.

Grok's Insight:
Grok emphasizes the importance of tapping into a vast civilian talent pool, drawing parallels with Western concepts of cyber reserves.

2. Enhancing PLA's Network Warfare Resiliency

[02:15] Grok:
Grok seeks clarification on the term "network warfare," leading to a comprehensive explanation by Tommy.

Tommy's Definition:
Network warfare integrates cyber, electronic, and space warfare to disrupt enemy command and control, sensor networks, and information systems.

Quote:
"It's like all of the above kind of thing. Like just every... everything that's not a bomb."
— Grok [02:21]

Discussion Highlights:

• Scope: Beyond precision munitions to include information disruption and control.
• Practicality: While PLA has articulated these capabilities, their real-world application remains to be seen, with both hosts expressing hope that such operations remain theoretical.

Grok's Commentary:
He likens the integration of various warfare domains to a meta-strategic approach, aiming for comprehensive disruption capabilities.

3. Cultural and Structural Advantages

[05:07] Grok:
Grok points out the cultural acceptance in China of collaborating with the state, contrasting it with Western societies where military and state collaboration is often met with resistance.

Tommy's Observation:
The social acceptability of working for the state in China facilitates the integration of civilian experts into cyber operations, unlike the West where secrecy and compartmentalization hinder similar initiatives.

Quote:
"They have a bigger pool of people to choose from. So we want to be able to harness that."
— Tommy Wren [05:49]

Implications:

• Secrecy Culture: Western countries prioritize operational secrecy, making the formation of similar cyber militias challenging.
• Talent Pool: China’s deliberate investment in building a robust civilian cyber talent pool provides a strategic advantage.

4. Operational Flexibility and Surge Capacity

[07:53] Grok:
Grok discusses the practical aspects of having a cyber militia capable of pivoting between support and operational roles, questioning the feasibility of such transitions.

Tommy's Skepticism:
He expresses doubt about the ability to switch roles seamlessly, given the specialized nature of cyber operations.

Quote:
"It struck me you're talking about things like back end and rear echelon support and frontline operational functions seem like two different streams of work with different skills, right?"
— Tommy Wren [08:47]

Key Points:

• Skill Atrophy: Extended absence from frontline tasks can lead to a decline in technical proficiency.
• Motivation: Assigning less engaging tasks to highly skilled operatives may result in reduced performance and frustration.

Conclusion:
While the concept is theoretically sound, practical implementation presents significant challenges, although China's extensive manpower and integrated structure may mitigate these issues.

5. Specialized Operations and Public Opinion Control

[19:00] Tommy Wren:
Tommy highlights that PLA's cyber militia participates in deception operations and public opinion control, which are supplementary rather than core operational tasks.

Grok's Analysis:
He compares these activities to historical examples like deception strategies in World War II, suggesting that while useful for propaganda and peripheral operations, they may not directly contribute to decisive outcomes.

Quote:
"It can give you volume in an area that you wouldn't have otherwise. It's useful to have volume there."
— Grok [21:05]

Discussion Highlights:

• Deception Operations: Crafting misleading information or false narratives to confuse or manipulate adversaries.
• Public Opinion Control: Shaping perceptions domestically and internationally to maintain favorable narratives.

Implications:
These operations enhance China's informational and psychological warfare capabilities but remain secondary to direct cyber operations aimed at disrupting adversary infrastructures.

6. Commercial and State Synergy in Cyber Capabilities

[23:24] Tommy Wren:
The discussion shifts to the collaboration between state and private cybersecurity firms in China, exemplified by companies like Antilabs and Chihu360 contributing to PLA's cyber efforts.

Grok's Perspective:
He argues that such collaborations are not unique to China, citing Western defense contractors like Raytheon and Lockheed Martin. However, he acknowledges that the extent and enforceability of these collaborations may differ.

Quote:
"It's a different degree rather than kind, I guess."
— Grok [28:10]

Key Points:

• Blurring Lines: Partnerships between state and private firms create integrated cyber capabilities that serve both commercial and military interests.
• Global Reach: Chinese cybersecurity firms with international presence could act as vectors for state-aligned operations during conflicts.

Implications:
This synergy enhances China's cyber warfare capabilities, making it challenging for other nations to disentangle commercial and state-sponsored cyber activities.

7. Western Perspectives and Challenges

[29:48] Tommy Wren:
Tommy contrasts China's established cyber militia with the nascent and somewhat disjointed efforts in Western countries, referencing the UK's National Cyber Security Centre (NCSC) initiatives.

Grok's Insight:
He notes that while Western countries are beginning to explore cyber reserves and public-private partnerships, cultural and structural barriers impede the formation of effective cyber militias akin to China's model.

Quote:
"It's no different from what anyone else is doing, I think."
— Grok [28:36]

Discussion Highlights:

• Initiatives: Programs like the NCSC's vulnerability research outreach signify the West's initial steps towards engaging broader cyber talent.
• Cultural Barriers: Secrecy and compartmentalization in Western intelligence communities contrast with China's more open integration of civilian expertise.

Implications:
Western nations may need to adopt more collaborative and transparent approaches to effectively harness civilian cyber talent, though this remains a work in progress.

8. Concluding Thoughts

In wrapping up the episode, Tommy and Grok acknowledge that while China's cyber militia presents a formidable and integrated approach to cyber warfare, Western counterparts are still grappling with the necessary cultural and structural changes to emulate such a model. The discussion underscores the strategic importance of cyber capabilities in modern warfare and the delicate balance between civilian collaboration and operational secrecy.

Final Quote:
"You have a way to make everything better for everyone... when have we ever needed a cyber militia?"
— Grok [32:46]

Conclusion:
China's proactive cultivation of a cyber militia underscores its commitment to enhancing network warfare resilience. As global cybersecurity evolves, understanding and adapting to such models will be crucial for nations aiming to safeguard their digital frontiers.

Notable Quotes:

• "It's like all of the above kind of thing. Like just every... everything that's not a bomb."
  — Grok [02:21]

• "They have a bigger pool of people to choose from. So we want to be able to harness that."
  — Tommy Wren [05:49]

• "It struck me you're talking about things like back end and rear echelon support and frontline operational functions seem like two different streams of work with different skills, right?"
  — Tommy Wren [08:47]

• "It can give you volume in an area that you wouldn't have otherwise. It's useful to have volume there."
  — Grok [21:05]

• "It's a different degree rather than kind, I guess."
  — Grok [28:10]

• "It's no different from what anyone else is doing, I think."
  — Grok [28:36]

• "You have a way to make everything better for everyone... when have we ever needed a cyber militia?"
  — Grok [32:46]

This episode of Risky Bulletin provides a comprehensive exploration of China's cyber militia, shedding light on their structural integration, operational roles, and the broader implications for international cybersecurity strategies. For cybersecurity professionals and enthusiasts alike, understanding these dynamics is essential in navigating the evolving landscape of cyber warfare.