Could Cyberattacks Stop the Cultural Genocide in Xinjiang?
State persecution of Muslims in the region depends on high-tech mass surveillance, leaving an open door for other countries to gather intelligence and infiltrate the internment camps.
On Oct. 14, the United Nations Human Rights Council confirmed China’s membership, though with fewer votes than when it last stood for election to the council in 2016. Beijing has served as a council member for 12 of the last 14 years, despite having an appalling record of human rights abuses. The new three-year term means that it can continue to influence the monitoring of human rights violations around the world, including arbitrary detentions.
Over the past two years, Chinese authorities have detained more than 1 million people in some 400 internment camps across the Xinjiang region. Most of the prisoners are Muslim, primarily Uighurs and Kazakhs. But in the camps they are forced to abandon their religion, espouse Chinese Communist Party (CCP) ideology, and learn to speak Mandarin. China initially denied the existence of the camps, but it now acknowledges them as “reeducation” camps intended for counterterrorism. Despite the government’s whitewashing, it’s clear to the outside world that the camps in Xinjiang are modern concentration camps—the sites of a cultural genocide.
Western democracies, including the United States, the United Kingdom, and France, have increased pressure on China in an attempt to stop the human rights violations in Xinjiang, but economic sanctions and public criticism have so far had no effect. China is too big, too powerful, and too self-reliant to be restrained by other nations individually. It is time for democracies to adopt a strategy that will have an immediate effect: covert cyberattacks to gather reliable intelligence and disrupt the CCP’s control of the camps.
High-tech mass surveillance has transformed Xinjiang into a virtual cage, where technology enables the authorities to see, collect, and analyze personal details—determining who is labeled as harmful to the state. The establishment of a so-called smart region—tightly controlled by technology—makes government persecution more effective, but it also exposes the systems to cyberattacks, providing an opportunity for countries with advanced offensive capabilities to disrupt the operation of the camps.
Countries with the capabilities to do so already use offensive cyberattacks widely. The United States has directed cyberattacks against Iranian and Russian targets, including missile systems, nuclear plants, and intelligence units. Israel has targeted Iranian nuclear facilities, and Iran has attempted to hack into U.S. and Israeli critical infrastructure. Russia is a known perpetrator of cyberattacks, including the one against the Pentagon in 2008 that prompted the United States to establish the U.S. Cyber Command—one of the most advanced cyberspace operations units in the world.
The principles of cyberwarfare could be applied to attack targets used to perpetrate crimes against humanity in Xinjiang. Covert and targeted cyberattacks against technology in the internment camps would have numerous advantages. Given the secretive nature of the camps, access to cameras and data could provide reliable intelligence about human rights abuses. Such evidence could be used against CCP officials, including by bringing a case to the International Court of Justice.
Covert information-gathering would also reveal information about the camps’ vulnerabilities, shaping future cyberattacks for maximum disruption. Successful hacks could disable anything in the camps controlled by technology. Disabling cameras used to spy on prisoners would considerably reduce efficiency in the camps. It would also relieve—even temporarily—the psychological pressure on the prisoners of being under constant watch.
Deactivating communication devices used by staff inside the camps and between staff and authorities outside the camps could compromise operations by disrupting the flow of information and instructions—as well as impeding the guards’ ability to prevent prisoners from escaping. Hacking also makes it possible to encrypt data or delete it without the option of restoring it, particularly if the backup system is disabled in advance without the authorities’ knowledge. Considering the volume of data in the camps, it is unlikely that information is saved in hard copy.
Coordinated cyberattacks would send a clear message to China that the international community does not accept ethnic cleansing in Xinjiang or in other regions, such as Tibet. It may also deter CCP officials from other breaches of international law, making clear that the West will resort to cyberwarfare when other measures fail. If cyberattacks prove to be an effective strategy, they could be escalated: to target technology beyond Xinjiang’s camps used for persecution and entrapment.
But hacking into China’s systems in Xinjiang will not be easy. Chinese authorities already have advanced cybersecurity measures in place and highly trained personnel to guard the networks, though these measures have their own vulnerabilities.
One such measure is microsegmentation, which alerts operators of unsanctioned activity and blocks it. It works on a zero-trust model, which separates data into secure zones to secure it individually, making it quicker to detect and contain breaches. Microsegmentation slows down the attack by limiting the hacker to the specific host, or segment, that it attacks—but it is costly and unscalable. Microsegmentation is also prone to human error, making it susceptible to infiltration. Using the right resources, it can be compromised remotely by installing threats via vulnerable services or malicious software updates.
China’s “Great Firewall” relies on deep packet inspection (DPI), which blocks intrusions by evaluating the data transmitted through an inspection point, stopping viruses, noncompliance protocols, and other potential threats. The system’s policies require constant updates, without which the network is vulnerable to hacking. The DPI system has difficulty reading and blocking the encrypted packets that enable hackers access to the system. Like microsegmentation, DPI can be hacked remotely. Other cybersecurity measures—such as air gapping, which isolates computers from networks—would require using an employee to gain physical access, either through recruitment or unwitting exploitation.
The United States has some of the world’s most advanced cyberoffensive powers and the resources to expand and improve them. It should lead an international effort along with other Western cyberagencies in countries such as the United Kingdom, France, and possibly Germany, Canada, and Australia. Pooling together resources and experience would provide a major advantage against China’s resources and manpower, which at the moment make it possibly better prepared for cyberwarfare than the United States.
Beijing recognizes cyberspace as an important national security domain, investing considerable resources in ramping up its capabilities. And the Chinese government’s suppression in Xinjiang promotes more than Han Chinese culture and identity: The region is crucial for the government’s ambitious Belt and Road Initiative. Asserting the government’s complete control over Xinjiang is important to President Xi Jinping, meaning that any cyberattacks on the camps will likely prompt nonviolent retaliation from China.
The coordinated missions should remain covert after completion to avoid escalation of conflict by China, and collaboration between democracies with advanced cybercapabilities is key. As a matter of policy, these countries should neither confirm nor deny participation in any specific attack. The Chinese authorities may suspect the identity of the attacker but will be unable to prove it. Without a proven enemy, they are unlikely to resort to a warlike response. Covert infiltrations also have the benefit of deniability, allowing the CCP to avoid public humiliation that could cause further escalation.
It isn’t likely that the CCP will resort to preemptive cyberattacks, as doing so would require considerable resources and could produce a rapid and aggressive response. Still, it is essential that the countries involved improve their cyberdefenses before they engage in any cyberattacks against Chinese systems in Xinjiang, investing in advanced technologies, personnel, and updated response methodologies. They must be prepared to defend critical infrastructure and national security and intelligence agencies. In any case, strengthening these capabilities is crucial: Technological advancement in the cybersphere will in part determine the future of warfare.
The evidence of human rights abuses in Xinjiang is undeniable: Torture, slave labor, compulsory sterilization, sexual abuse, and the separation of children from their parents are only a few examples. It took five years and millions of dead before the allied powers shut down and liberated what remained of the Nazi death camps, doing so with limited tactical capabilities. Democracies now have the ability to disrupt the Chinese concentration camps in Xinjiang by nonviolent means, from a distance—a major advantage that could be more effective against cultural genocide than sanctions and criticism.
Limor Simhony is a policy advisor and researcher based in London. She was previously the director of counterextremism at the political consultancy firm TRD Policy and a research fellow at the Institute for National Security Studies. She holds a doctorate from the Department of War Studies at King’s College London. Twitter: @limorsimhony