Podcast Summary: Risky Bulletin – "Srsly Risky Biz: China's MSS Gets Personal"
Release Date: March 20, 2025
Hosts:
- Patrick Gray – Host, Risky Biz
- Tom Uren – Policy and Intelligence Editor, Risky Biz
Introduction
In this episode of Risky Bulletin, Patrick Gray and Tom Uren delve into two pressing cybersecurity concerns: the Chinese Ministry of State Security's (MSS) aggressive tactics against alleged Taiwanese cyber operatives and Russia's ongoing sabotage campaigns targeting Western Europe. The discussion provides insightful analysis into these geopolitical cyber threats and explores potential Western responses.
1. China's Ministry of State Security (MSS) Doxxing of Taiwanese Cyber Operators
a. Escalation of Doxxing Activities
Patrick initiates the conversation by highlighting a recent alarming trend: the Chinese MSS has intensified its efforts to expose individuals it accuses of being Taiwanese military hackers targeting China.
Patrick Gray [00:54]: "The Chinese Ministry of State Security has doxxed a bunch of people it alleges are, you know, essentially Taiwanese military hackers who've been hitting targets in China."
b. Comparison with U.S. NSA Practices
Tom contrasts China's approach with that of the U.S. National Security Agency (NSA), noting that while both agencies identify foreign operatives, China's methods carry a more threatening undertone.
Tom Uren [01:45]: "When the US indicts someone in China, they'll name names... but China's a big country, there's lots of places you can go on holiday you don't have to go to."
c. Implications for Targeted Individuals
The doxxing by MSS includes personal details such as ID numbers, birth dates, and job titles, coupled with direct threats of lifelong prosecution. This approach differs significantly from the U.S., adding a layer of personal risk for the individuals involved.
Tom Uren [01:45]: "...they're trying to get very personal about, we know who you are and we're going to hold you accountable."
d. Broader Security Concerns
Patrick underscores the immediate risks for those with ties to mainland China, referencing the extradition of Uyghurs from Thailand as a precedent.
Patrick Gray [03:38]: "I remember when that happened... extraditing 40 Uyghurs to China."
e. Language and Rhetoric Used by MSS
The use of forceful and threatening language by MSS is reminiscent of authoritarian communications, which serves to intimidate and deter potential cyber operatives.
Tom Uren [06:47]: "...reunite Taiwan with the mainland... a cyber force aimed at attacking and infiltrating the mainland."
f. Call for Enhanced Operational Security (OpSec)
Concluding their discussion on MSS activities, Patrick emphasizes the necessity for Taiwanese cyber operatives to bolster their operational security to mitigate such threats.
Patrick Gray [08:52]: "...the Taiwanese need to get real about opsec."
2. Russia's Sabotage Campaigns Against Western Europe
a. Overview of Russian Aggression
The conversation shifts to Russia's multifaceted sabotage efforts in Western Europe, which include physical attacks on infrastructure and minor cyber operations.
Patrick Gray [09:28]: "Russia has been waging a sabotage campaign targeting Western European countries... assassinations and whatnot."
b. Analysis of Cyber Operations
Tom references a Center for Strategic and International Studies (CSIS) report, noting that while Russia conducts cyber attacks, they comprise less than 15% of their total sabotage activities.
Tom Uren [11:39]: "Cyber activities... make up a small minority of what's happening... less than 15%."
c. Western Response: Cyber Retaliation
There's a debate on whether Western nations should escalate their responses to Russian sabotage by adopting more aggressive cyber tactics. While physical sabotage is overt, cyber operations offer a deniable form of retaliation.
Tom Uren [15:01]: "Cyber is actually like a pretty good tool. It's more expensive, takes longer, it's harder, but it's also harder for people to pin it directly to you if you do your job right."
d. Ethical and Proportionality Concerns
Patrick raises concerns about the proportionality of cyber responses compared to Russia's physical sabotage, questioning the effectiveness and ethical implications.
Patrick Gray [17:07]: "It's not a proportionate response... throwing a few packets back is not proportionate."
e. Future Trajectory of Cyber Warfare
Tom outlines a potential escalation path where Western nations may increasingly rely on cyber operations as a primary means of retaliation, given their deniability and strategic advantages.
Tom Uren [18:02]: "...offensive cyber stuff, and we'll try it until we get sick of it..."
f. Conclusion on Deterrence
The discussion concludes with thoughts on deterrence, suggesting that real deterrence might require more tangible defensive measures rather than solely cyber retaliation.
Tom Uren [18:08]: "If you want real deterrence, you play it out on the battlefield..."
Final Thoughts
Patrick and Tom provide a compelling analysis of the evolving landscape of cyber threats emanating from major geopolitical players like China and Russia. The episode underscores the critical need for enhanced security measures, strategic responses, and a reevaluation of traditional deterrence mechanisms in the face of sophisticated cyber and physical sabotage tactics.
Notable Quotes:
-
Tom Uren [06:47]: "Under the guise of developing asymmetric warfare capabilities, the Taiwan's ruling party has recklessly spent taxpayer money to build a cyber force aimed at attacking and infiltrating the mainland. However, this effort is futile, akin to an ant trying to shake a tree."
-
Patrick Gray [15:57]: "You don't want to get your hands dirty, I think is the... you're trying to go for there, Tom."
-
Tom Uren [16:49]: "...destructive cyber packet throwing."
For more insights and detailed analyses, subscribe to Tom Uren's weekly newsletter, Seriously Risky Business, available at Risky Biz.
