Valued Partner:

NYTimes reported today, based on a Microsoft report, that the People’s Republic of China (PRC) has, since 2021, targeted critical infrastructure in Guam and elsewhere in the US, likely for use during a future conflict scenario. The PRC is developing capabilities towards this end. We expect the piece to get media traction, so we’re reaching out to provide context before the likely hype-cycle takes effect.

The campaign does not indicate conflict is near or imminent but does align with public statements by the Deputy CIA Director that President Xi has ordered his military “to be able” to re-take Taiwan by 2027.

Preparedness is what any military strives to offer its commander-in-chief. Taking actions that secure access now to systems critical to disrupt in future conflict is a prudent move by China’s military. Readers should expect a steady drumbeat of news over the coming years that echo today’s report as the People’s Liberation Army (PLA) prepares to meet its deadline.

On topic of deadlines, timelines, and 2027: No public assessment by intelligence community officials indicates a decision to invade Taiwan has been made.

2027 is a particularly important year for the PLA, which will celebrate its 100^th anniversary that year. The anniversary itself is the motivation for the 2027 deadline. The Party believes—frankly, quite reasonably—that a military that has operated for 100 years should be able to take an island 60 miles off its coast. The 2027 deadline is as much an indictment of the military’s legacy of corruption and ineptitude as it is a strategic objective. To that end, the PLA is taking steps to achieve the capabilities required for such a military campaign, including targeting US critical infrastructure to establish persistence that could be used in a future conflict.

PLA military doctrine (specifically, the 2020 version of the National Defense University’s Science of Military Strategy) emphasizes early and iterative attacks on civilian infrastructure to deter US military intervention. A future crisis scenario would see many weeks—even months—of cyberattacks on infrastructure to dissuade the US public from supporting military action to defend Taiwan. To this end, access and persistence is critical to the operational concept the PLA will use to define the capabilities to achieve its mission.

Critical infrastructure operators (especially in telecommunications, energy, transportation, critical manufacturing, and sectors related to the defense industrial base) as well as firms that directly service or enable US DOD or allied militaries in the region (South Korea, Japan, Australia, New Zealand, Hawaii, and Guam) should take this report as an indicator that they are at the center of the geopolitical and cyber risk bullseye. Immediate action to review threat models, security posture, and overall risk management is recommended.

As always, please reach out with questions.

KSG Intelligence Services