Assassin's Mace: Implications of Chinese Cyber Operations on US Military Logistics in the Indo-Pacific

Introduction

Cyber attacks across the world have increased at an alarming rate over the past ten years. Out of 14,331 public source attacks across the globe, the United States has been targeted in over 6,920, accounting for 48 percent of attacks worldwide since 2014 (Harry & Gallagher, 2018). But behind these numbers lies an even more concerning reality: China’s emergence as a dominant force in the cyber domain. 

As the great power competition between the United States and China intensifies, Beijing’s cyber capabilities and ambitions have evolved from a peripheral concern to a critical threat to American military effectiveness. One example of this is the problem Chinese cyber operations pose for the US military’s force projection in the Indo-Pacific region. While China’s use of cyber tools in wartime is evident based on military doctrine, a question that remains is how to protect against Chinese pre-positioning below the threshold of armed conflict. Therefore, understanding where the United States hosts most of its cyber infrastructure and how it can proactively defend against vulnerabilities to maintain optimal force posture in the Indo-Pacific region is critical to US national security.

Figure 1.

Although Chinese analysts have deemed the United States as a peer competitor and superior military threat compared to that of their force structure, they claim that the United States has had a difficult time installing a clear military advantage at the beginning of conflicts, even with its robust global presence of alliances and military installations abroad (Khan, 2015, p. 29).

Thus, Chinese analysts determined that offensive and pre-emptive attacks at the outset of a conflict on critical vulnerabilities previously identified in an adversary’s military operational infrastructure for force projection are vital for ensuring strategic advantage in a high-tech warzone or, in some cases, to stop war altogether (Khan, 2015, p. 29). 

A critical part of these attacks would involve what is called by many Chinese strategists, Assassin’s Mace attacks. These are attacks that would neutralize information systems using a range of tactics including cyber warfare tools to attack specific targets critical to the United States’s effective sustainment of force projection in the Indo-Pacific (Khan, 2015, pp. 30-31). 

The Assassin’s Mace or ‘Shashoujian’ Strategy 

The term Assassin’s Mace, or what some refer to as “Shashoujian,” is an ancient Chinese strategy that promotes the employment of weapons designed to counter and defeat a far more powerful adversary in a surprising fashion (Khan, 2015, p. 21). In this way, Assassin’s Mace strategies that stem from China are very much related to asymmetric warfare, in which there is a large-scale difference in military power between two opposing forces. The less powerful military resorts to unique or unconventional tactics or weapons to degrade the adversary (Sexton, 2024), often at the outset of a war. 

There is evidence that strategists from the People’s Liberation Army (PLA) stress the importance and need to conduct Shashoujian strikes on critical infrastructure that support military operations (Khan, 2015, p. 22). In doing so, the ultimate plan and strategy is to avoid direct force-on-force combat and hostilities, at least at first, and to proceed by striking US military vulnerabilities (Khan, 2015, p. 25). In many cases, these attacks on critical infrastructure would be portrayed through wide-scale cyber attacks on various military targets in the region even before official hostilities and pre-emptive physical/conventional strikes commence (Khan, 2015, p. 22). 

One Chinese document notes that in “a war over Taiwan, for example, the PLA will likely attempt to blind and paralyze U.S. forces in the region through cyberattacks on U.S. C4ISR and logistics. The PLA may also launch cyberattacks against targets on the U.S. mainland, such as the U.S. military’s domestic force generation and sustainment capability”(“Section 2: China’s Cyber Capabilities,” 2022). All of this requires Chinese Advanced Persistent Threat actors (APTs) to pre-position cyber assets and establish persistence in US critical systems necessary for force projection in the region.

Threat Analysis: Case Study of Guam 

The Strategic Importance of Guam 

Taking a look at US military supply chains and logistics vulnerabilities in the Indo-Pacific, we can consider one of the forward bases in the region, Andersen Air Force Base in Guam, which recently underwent an attack affiliated with a Chinese threat actor, Volt Typhoon (“Connect the Dots on State-Sponsored Cyber Incidents - Volt Typhoon,” 2023). The attacks at Guam were mainly designed to gather information on US critical infrastructure and military capabilities. Still, analysts note that some of this activity could be in preparation for a future attack on US critical infrastructure (“Connect the Dots on State-Sponsored Cyber Incidents - Volt Typhoon,” 2023). Considering this information, it is crucial to understand why Chinese threat actors may have chosen Guam as a strategically sound target.

Andersen AFB, aptly named “the gas station of the Pacific” (Mahshie, 2022), houses the Air Force’s largest fuel and munitions storage facilities, and many of its force projection capabilities such as the KC-135 Stratotanker and several heavy strategic bombers. Each of these assets would depend on this base as a touch point for refueling and rearming in a potential conflict in the Indo-Pacific. 

Chinese military writers estimate that a US “aircraft carrier strike group requires replenishment of 60,000 tons of ordinary fuel and 30,000 tons of aviation fuel every four to five days” (Khan, 2015, p. 36). Knowing the basics of Chinese network warfare and Assassin’s Mace, it does not seem viable for PLA threat actors to target military assets with cyber attacks directly at the source. It would seem more logical in line with Assassin’s Mace that these pre-emptive cyber attacks would focus on disrupting various supply chains, transportation nodes, and logistics chains that keep a base like Andersen AFB operational. 

Supply Chain Vulnerabilities for Andersen AFB in Guam

Supply chains supporting Andersen AFB present multiple potential nodes for network attacks, starting with the initial transportation of components such as ammunition, armaments, and jet fuel to West Coast seaports in the continental US. To visualize this, we can take a look at a mind map of the various nodes of transportation and storage infrastructure that would theoretically be required to get fuel and fighter armaments from Point A to Point B:

Figure 2.

Vulnerable systems could include port management, cargo tracking, and loading automation starting at these West Coast seaports. The maritime transportation links would also be susceptible to attackable navigation systems, fleet management software, and ship-to-ship communications systems. Once supplies reach Guam Naval Base, they have to traverse the island by means of more transportation to get to Andersen AFB. Here, vulnerable nodes include port control, pipelines, inventory management, and multiple forms of ground transportation. In Figure 2, the size of each node in the visualization represents its degree of connectedness and criticality to the overall logistics network for fuel and ammunition supply. Larger nodes indicate systems with more connections to the logistics network and therefore greater strategic importance if compromised.

A large portion of the Assassin’s Mace strategy and the vulnerable nodes in this mindmap have to do with transportation and warehousing systems, and a recent analysis of cyber attacks on US transportation and warehousing infrastructure reveals troubling trends that are key to recommending further steps to protect US force projection. 

US Transportation Infrastructure Vulnerability Analysis 

An analysis of cyber attack data on the United States from 2014-2024 below reveals a concerning trend regarding US transportation since 2017 with attack volumes nearly quadrupling by 2022 in comparison to 2017 (Harry & Gallagher, 2018). Even more troubling is the specific vulnerability of private sector assets in US transportation, with the private sector suffering 61 documented incidents (Harry & Gallagher, 2018). The private sector's vulnerability is particularly concerning in the Indo-Pacific context. Oil tankers supplying fuel to military assets such as the F-35 Joint Strike Fighter are almost always supported by commercial shipping companies. These vendors and contractors form a notable backbone of US military force sustainment in a probable conflict. With cargo logistics, airport infrastructure management, seaports infrastructure management, and pipeline infrastructure management being among the most frequently targeted functions and most relevant transportation functions in the United States applicable to force projection in the Indo-Pacific (Harry & Gallagher, 2018), any disruption to these leading up to wartime could seriously hinder military operations in the region.

Figure 3.

Furthermore, we see a large and diverse threat landscape in terms of effects, with 41 exploitive attacks, 39 disruptive attacks, and 24 mixed attacks documented (Harry & Gallagher, 2018). With about 59% of the total attacks being disruptive in some nature (Harry & Gallagher, 2018), military planners must consider this since it suggests cyber threat actors are not just gathering intelligence on US transportation networks but actively testing their abilities to interfere and disrupt transportation systems to impose detrimental effects. Upon viewing this widespread vulnerability, it is plausible that nation-state APTs would find US transportation nodes as viable and attractive targets to cut off force sustainment and gain a conventional advantage on the battlefield. In a conflict scenario like Taiwan, these same attack vectors could delay or prevent critical military shipments of fuel and armaments from reaching forward-deployed forces in the Indo-Pacific theater. 

Conclusion

These cyber attack trends and the Chinese military doctrine analysis reveal a concerning vulnerability in US force projection capabilities in the Indo-Pacific region. As demonstrated by the reality of the Volt Typhoon attacks on Guam and the significant increase in attacks on transportation and warehousing infrastructure, China’s Assassin’s Mace strategy poses a genuine threat to US critical infrastructure and military logistics chains. The United States should invest in hardening the cyber defenses of not only military targets but also private-sector transportation and logistics networks to counter this threat. Additionally, developing redundant supply routes, pre-positioning critical supplies, and enhancing public-private partnerships (automated threat indicator sharing, JCDC participation, Zero Trust architecture, etc) across the defense industrial base will be essential to maintaining operational readiness in the region in the face of Chinese pre-positioning below the threshold of armed conflict. Without proactive measures, the United States risks compromised force projection capabilities at the outset of a potential conflict. 

Bibliography

“Connect the Dots on State-Sponsored Cyber Incidents - Volt Typhoon.” Council on Foreign Relations, May 2023. https://www.cfr.org/cyber-operations/volt-typhoon.

Harry, C., & Gallagher, N. (2018). Classifying Cyber Events. Journal of Information Warfare, 17(3), 17-31.

Khan, Saif Ul Islam. Assassin’s Mace: A Chinese Game Changer. Vij Books India Pvt Ltd, 2015. 

Mahshie, Abraham. “Pacific Refueling.” Air & Space Forces Magazine, August 29, 2022. https://www.airandspaceforces.com/article/pacific-refueling/.

“Section 2: China’s Cyber Capabilities.” U.S.-China Economic and Security Review Commission, November 14, 2022. https://www.uscc.gov/sites/default/files/2022-11/Chapter_3_Section_2--Chinas_Cyber_Capabilities.pdf.

Sexton, Ellen. “Asymmetrical Warfare.” Encyclopædia Britannica. Last Updated: March 10, 2024. https://www.britannica.com/topic/asymmetrical-warfare.

Gephi Mind Map Bibliography 

“Andersen Air Force Base (AAFB), Guam.” Andersen Air Force Base. Accessed November 13, 2024. https://www.andersen.af.mil/Units/.

Kozy, Adam. “Testimony Before the U.S.-China Economic and Security Review Commission Hearing on ‘China’s Cyber Capabilities: Warfare, Espionage, and Implications for the United States’” U.S.-China Economic and Security Review Commission, February 17, 2022. https://www.uscc.gov/sites/default/files/2022-02/Adam_Kozy_Testimony.pdf. 

Moore, Shane, Amber Drayton, and Joseph MacDonald. FUEL LOGISTICS PLATFORM REQUIREMENTS TO SUPPORT DISTRIBUTED MARITIME OPERATIONS IN THE INDO-PACIFIC AREA OF RESPONSIBILITY, June 2023. https://apps.dtic.mil/sti/trecms/pdf/AD1213576.pdf.

Murphy, Michael. “36th Muns Keeps Andersen’s Forces Ready.” Andersen Air Force Base, November 19, 2020. https://www.andersen.af.mil/News/Features/Article/2421896/36th-muns-keeps-andersens-forces-ready/.

“Press Room.” Military Sealift Command. https://www.msc.usff.navy.mil/Press-Room/Photo-Gallery/igphoto/2003104791/#:~:text=Military%20Sealift%20Command%20Far%20East,at%20sea%20and%20on%20shore.

“U.S. Defense Infrastructure in the Indo-Pacific: Background and Issues for Congress.” Congressional Research Service, June 6, 2023. https://crsreports.congress.gov/product/pdf/R/R47589.

Vernon, Austin. “Fuel Logistics for a Pacific War.” Austin Vernon’s Blog, March 1, 2023. https://austinvernon.site/blog/fuellogistics.html.