China leapfrogs ahead in cyber warfare

By Indrajit Basu
UPI Correspondent

Published: October 30, 2009

Font size:

Kolkata, India — The fact that China’s People's Liberation Army is building up its cyber warfare capabilities to be able to defend from and attack enemy computer systems is well-known. So is its decade-old sweeping military modernization program that has transformed its ability to fight high-tech wars.

What was not known until recently – and has been confirmed, sort of – is that China has built extensive technological capabilities not only to wage a cyber war but also to dominate cyberspace. It is believed that China is possibly already using these against the United States and other countries.

A startling report called “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation,” commissioned by the Washington-based U.S.-China Economic and Security Review Commission, highlighted last week that China’s cyber war machinery is already operating at full throttle.

What’s more, "China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and industry by conducting a long-term, sophisticated computer network exploitation campaign," it said.

The report also said that China is capable of attacking the computer networks of U.S. allies in the Asia-Pacific region, where Taiwan, Japan and India feature at the top of its target list.

If the findings are true, it is not much of a surprise. After all, for years governments and sensitive agencies and military contractors across the world have been hit with targeted, well-crafted cyber attacks that appear to have originated in China.

Yet experts say this report is significant for its details on how developed and prepared China’s networked architecture is in coordinating military operations across the electromagnetic spectrum.

“This report reveals that China is more advanced than many believed it would be in terms of their preparedness for cyber warfare,” said Iftach Ian Amit, managing partner of Security and Innovation, an Israel-based strategic security consulting firm. “This report has explored into the strategic details, and interestingly China’s strategy is just in line with modern Western nations in terms of understanding how cyber warfare fits into global warfare.”

Written by Northrop Grumman Corporation, a U.S.-based global security company that caters to government and the private sector, the report said that the effort, which China calls “informationization,” is guided by the doctrine of fighting a “local war under informationized conditions.”

Simply put, informationization stands for advanced information warfare, or IW, capabilities that seek to establish control of an adversary’s information flow and maintain dominance in the battle space.

“Increasingly, Chinese military strategists have come to view information dominance as the precursor for overall success in a conflict,” the report said.

It added that the growing importance of IW to China’s PLA is also driving it to develop more comprehensive computer network exploitation techniques to support strategic intelligence collection and to lay the foundation for success in potential future conflicts.

“This strategy, largely known as integrated network electronic warfare, is actually being applied by other governments including the United States,” said Ian Amit.

However, while the report raises an alarm, yet again, on China’s growing military muscles both in real space – lane, sea and air – and in virtual space, it has attracted a fair amount of criticism as well. Obviously the first critic of the report is China itself, which rejected it as “fabricated” and representing a “Cold War mindset.”

"This so-called commission has all along exaggerated the China threat," said Ma Zhaoxu, China's Foreign Ministry spokesman, in a post on the ministry's website.

Many agree. “While there are strong imprints that can be drawn that point towards China as being responsible for many cyber attacks, there are also alternative explanations,” said Ron Deibert, director of the Citizen Lab at the Munk Center for International Studies at the University of Toronto. In April, the Munk Center under the stewardship of Diebert discovered a cyber espionage system called Ghostnet that had its footprints in China.

Still, Diebert says that one has “to be very cautious about drawing such a conclusion.”

“It is important to remember that just because an attack seems to emanate from one particular country or is employed from Internet protocol addresses that originate in a particular country don’t make it necessarily true that the country itself is responsible for it,” he said.

Experts say the technology and tools required to conduct these types of attacks are widely available on the Internet, are not complex, and do not require high-end skills.

“We also know that there are many criminal organizations that operate systems like this, whether they are malicious computer or cyber espionage systems,” said Diebert. “Russian criminal organizations as well as other European and Asian criminal organizations constantly conduct hacking operations, which the report alleges China to be indulging in as well, for profit and also for corporate espionage. It is a very complex battle space with many actors.”

Cyber crime also leads to compromised systems and information, which are sought by military organizations responsible for cyber warfare. Moreover, the fact that practicing information warfare is borderless and is usually chained together using compromised systems around the globe lends an obscurity that masks criminal and military intents.

“That attacks seem to have come from China does not necessarily mean that they were commissioned by the PRC, and it is most likely that they were not,” says Ian Amit. “The border between cyber crime and cyber warfare is blurry at best, and a lot of information that is being obtained by cyber criminals is being traded in the black market to the highest bidder. Patriotism takes a lesser role here.”

For that matter, the report admits that little evidence exists in open sources to establish firm ties between the PLA and China's hacker community. The research did uncover limited cases of apparent collaboration between elite individual hackers and the PLA’s civilian security services, the report said.

“The problem with digital data is that it is very easy to remove trace and implant a completely wrong or unreal footprint,” said Jonathan Logan, an information technology security expert at Rogue Holding, a Europe-based IT security consultant. “So while a trail may lead to a particular point of origin, its real origin may lie somewhere else.”

Still, that’s not to minimize or underestimate the threat that Chinese information warfare capabilities pose. “But at the same time the United States, Canada, and many other developed countries in Europe and Asia are developing the very same operational doctrine. And there lies its biggest threat,” said Diebert.

Security experts like Diebert and Ian Amit fear that the increasing use of cyber space for military application by countries around the world is in fact turning the Internet into a space for an arms race “that could corrupt the whole global communication system,” says Diebert.

“Right now all concerns of cyber space revolve around threats, deterrents and attacks,” said Deibert. “But we need to think much like in the early nuclear era about mutual restraints.”