Monday, June 23, 2008

China's Cyber Forces

Just to add a contrary view to the report below... It is possible that one reason countries are reporting increasing cyber attacks from Chinese sources is because China "employs" many Chinese hackers, who are not officially in government service, to do their bidding. Not all these hackers are particularly sophisticated and are detected relatively easily. Many of these hackers are just plain sloppy.

Many countries conduct cyber-espionage. Most of these countries have well-trained professionals who carry out the espionage or lay the groundwork for potential attacks. They are able to mask their trails much better than relatively amateur hackers. This may be why we don't hear much about what capabilities other countries, besides China, are employing in cyberspace.

I don't believe monitoring the Chinese budget for cyberwarfare is going to tell us much. First, it does not take tens of millions of dollars to establish this capability. Second, it is very easy to hide this capability in other defense or non-defense line items.

It is unlikely that any amount of diplomatic maneuvering is going to deter China from developing its cyber espionage/attack capability. Cyber espionage is just too potentially lucrative for anyone who uses that technique to abandon. Cyber attack, likewise, is too low-cost a tool for a country (or non-state actor) to discard.

The best way we have of countering the Chinese (and others) in cyberspace is to increase the defenses on our networks. We need to worry more when we stop seeing news reports about Chinese cyber probes/attacks. This means that they have likely fully professionalized their cyber capabilities and no longer need to rely on groups of unsophisticated hackers.


http://www.defensetech.org/archives/004165.html
China is well known for its global cyber espionage efforts. And while the United States has received most of the media attention given to cyber attacks, we are not the only ones dealing with this issue. India is now pointing the finger at China, claiming they have systematically launched a series of attacks on sensitive information systems and networks of Indian agencies. India rapidly responded and now has cyber-security forces down to the division-level to guard against cyber wars. But is that really enough given China's stated ambitions?

China's Cyber Warfare Doctrine is designed to achieve global "electronic dominance" by 2050 which would include the capability of disruption of the information infrastructure of their enemies. This doctrine includes strategies that would disrupt financial markets, military and civilian communications capabilities as well as other parts of the enemy's critical infrastructure prior to the initiation of traditional military operations. With all the attacks that have been attributed to China, there has to be significant intelligence out there about techniques, cyber weapons and strategies that have been used in these cyber assaults. The proliferation of China's cyber capabilities will be the topic of a Congressional hearing in DC on May 20th. This hearing will examine "China's Proliferation Practices and the Development of its Cyber and Space Warfare Capabilities."

Military and intelligence sources have known that Chinese cyber forces have developed these detailed plans for cyber attacks against the United States and others. It is believed that the plans for such an attack were drawn under the direction of the People's Liberation Army (PLA).

China has a significant cyber weapons and intelligence infrastructure in place today. What is alarming is not only do they have the intent, but they have the money. Beijing has the world's second or third largest defense budget depending on where you look for the numbers. Their military budget has been on the rise at 10 percent or more a year for over a decade. This, as well as the attacks, are evidenced by their cyber operational ability to scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems in the US, Germany, UK and India. In addition, in April 2007, Sami Saydjari, who has worked on cyber defense systems for the Pentagon since the 1980s, told Congress: "The situation is grave, with nation-states such as China developing serious offensive capabilities."


Recent attacks on the United States and India have brought this threat to the forefront. While diplomatic efforts to address these attacks have been initiated, virtually no progress has been made, according to individuals close to the issue. The following information has been provided by Spy-Ops and represents their assessment of China's current cyber capabilities.

China People's Liberation Army (PLA)

Military Budget: $62 Billion USD

Global Rating in Cyber Capabilities: Number Two

Cyber Warfare Budget: $55 Million USD

Offensive Cyber Capabilities: 4.2 (1 = Low, 3 = Moderate and 5 = Significant)

Cyber Weapons Arsenal (in order of threat):
- Large, advanced BotNet for DDoS and espionage
- Electromagnetic pulse weapons (non-nuclear)
- Compromised counterfeit computer hardware
- Compromised computer peripheral devices
- Compromised counterfeit computer software
- Zero-day exploitation development framework
- Advanced dynamic exploitation capabilities
- Wireless data communications jammers
- Computer viruses and worms
- Cyber data collection exploits
- Computer and networks reconnaissance tools
- Embedded Trojan time bombs (suspected)
- Compromised microprocessors & other chips (suspected)

Cyber Weapons Capabilities Rating: Advanced

Cyber force Size: 10,000 +

Broadband Connections: More than 55 million

China's Hacker Community: Honker Union, Red Hackers Alliance (The 5th largest hacking organization in the world.)

China's Software Industry: In Q1 2007, the software industry RMB 96.7 billion with a year-on-year increase of 26.9%. In Q1 2008, China recorded RMB 144.36 billion in software industry sales revenue, up sharply year-on-year.

From all this information one can only conclude that China has the intent and technological capabilities necessary to carry out a cyber attack anywhere in the world at any time. Nations around the world can no longer ignore the advanced threat that China's cyber warfare capabilities may have today and the ones they aspire to have in the near future. Just recently Belgian justice minister, Jo Vandeurzen, claimed that attacks against the Belgian Federal Government originated from China and are most likely sanctioned by Beijing. The Belgian minister of foreign affairs, Karel De Gucht, told their parliament that his ministry is the subject of cyber-espionage by Chinese cyber agents. This is just the tip of the iceberg. Spy-Ops believes that an estimated 140 countries will be working on their cyber weapons by the end of 2008 and that in the next five years we will see countries and extremist groups jockeying for cyber supremacy.

Tuesday, June 17, 2008

USAF Doctrine

AFDD 1, Air Force Basic Doctrine: http://www.dtic.mil/doctrine/jel/service_pubs/afdd1.pdf

AFDD 2, Operations and Organization: http://www.dtic.mil/doctrine/jel/service_pubs/afdd2.pdf

AFDD 2-5, Information Operations: http://www.dtic.mil/doctrine/jel/service_pubs/afdd2_5.pdf

AFDD 2-5.1: Electronic Warfare: http://www.dtic.mil/doctrine/jel/service_pubs/afd2_5_1.pdf

US DoD Joint Doctrine

DoD's Joint doctrine documents are available electronically: http://www.dtic.mil/doctrine/

Joint doctrine hierarchy chart: http://www.dtic.mil/doctrine/docinfo/pstatus/status.pdf

Joint Publication 3-13, Information Operations: http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13.pdf

Joint Publication 3-13.1, Electronic Warfare: http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13_1.pdf

British 'superhacker' Gary McKinnon fights extradition to US

Gary McKinnon told the highest court in the land that he was the victim of an oppressive prosecution by US authorities who had abused British law by trying to force him into a plea bargain. Mr McKinnon, 44, a systems analyst, is accused of causing £475,000 worth of damage by gaining access to 97 computer systems belonging to the Pentagon, Nasa and the US military.
He claims he was only looking for evidence that America had concealed the existence of UFOs.

http://www.telegraph.co.uk/news/worldnews/northamerica/usa/2139985/British-'superhacker'-Gary-McKinnon-fights-extradition-to-US.html

Monday, June 16, 2008

Your number’s up

NOBODY would expect a city water system designed for 1m residents to be able to handle a 1,000-fold increase in population in just a few years. Yet that is what the internet’s fundamental addressing scheme has had to accommodate. When the network was first established there were only a handful of computer centres in America. Instead of choosing a numbering system that could support a few thousand or million addresses, the internet’s designers foresightedly opted for one that could handle 4 billion. But now even that is not enough.

http://www.economist.com/science/tq/displaystory.cfm?story_id=11482493

Watching while you surf

IS IT a worrying invasion of privacy for web surfers, or a lucrative new business model for online advertising? A new “behavioural” approach to targeting internet advertisements, being pioneered by companies such as Phorm, NebuAd and FrontPorch, is said to be both of these things. The idea is that special software, installed in the networks of internet-service providers (ISPs), intercepts webpage requests generated by their subscribers as they roam the net. The pages in question are delivered in the usual way, but are also scanned for particular keywords in order to build up a profile of each subscriber’s interests. These profiles can then be used to target advertisements more accurately.

http://www.economist.com/science/tq/displaystory.cfm?story_id=11482452

AFCYBER Symposium 2008 Read-Aheads

Some of the workshops at the AF Cyberspace Symposium 2008 are focused on the question of how USAF capabilities and activities in the Cyber Domain can and, if developed, should contribute to national security. These Read Ahead suggestions, all available via hyperlinks, can be read on-line or downloaded. They provide a common starting point or set of references so that the workshop discussion sessions share some common background.

Rebecca Grant, Victory in Cyberspace. Arlington, VA, Air Force Association, 2007. 32 p. http://www.afa.org/media/reports/victorycyberspace.pdf

The National Strategy to Secure Cyberspace. Washington, February 2003. 61 p. http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf

Keith B. Alexander, Warfighting in Cyberspace. Joint Force Quarterly No. 46:58-61 2007. http://www.ndu.edu/inss/Press/jfq_pages/editions/i46/12.pdf

Air Force to explore cyberspace mission

MAXWELL AIR FORCE BASE, Ala. – Military and civilian defense personnel, industry and business leaders, academics and others interested in the Air Force’s cyberspace mission are invited to attend Air Force Symposium 2008–Cyberspace, which will be held July 15-17 at Maxwell AFB in Montgomery, Ala.

To be co-hosted by Air University’s Air War College Cyberspace Information and Operations Study Center at Maxwell; Eighth Air Force and Headquarters Air Force Cyber Command (provisional), Barksdale AFB, La.; and U.S. Strategic Command, Offutt AFB, Neb., the symposium is expected to engage military, industry and academic participants with a desire to discuss a broad spectrum of topics affecting the cyberspace mission.

“Our goal is to bring together a diverse group of participants interested in the Air Force’s role in an expanding cyberspace mission,” said Lt. Gen. Stephen Lorenz, Air University commander. “This is an event that will address a topic that is of vital significance to the Air Force of today and the future.”

The symposium will offer active, seminar-style workshop sessions for attendees to analyze and discuss the Air Force’s role in cyberspace. It will feature three general topic tracks: doctrine and concepts of operations, policy and law, and cyber capabilities supporting national security.

Sessions will address, among other things, defining cyberspace and working toward establishing the domain, control and use of cyberspace. Participants will also participate in discussions of international and domestic law related to cyberspace and analyze national security and other issues from both military and civilian perspectives.

Lt. Gen. Robert J. Elder Jr., Eighth Air Force commander and leading Air Force authority on cyberspace, will serve as a keynote speaker at the symposium. He said the symposium will welcome experts from the Department of Defense and commercial industry to join Air Force members and academia to share information and advance knowledge of cyberspace.

"Over 70 years ago our predecessors gathered at the Air Corps Tactical School to develop the doctrine and concepts that were employed with great success in World War II,” General Elder said. “The Cyber Symposium is a similar gathering of people from the Air Force, academia and industry to think through how to best employ cyberspace operations in defense of the nation.”

General Elder added that while there are many complicated cyberspace issues to resolve, there is “no better place to do it than at the intellectual center of the Air Force—Air University.” He predicts that in the future “historians will look back on this conference as a defining event in the development of integrated air, space and cyber power.”

Also scheduled to speak at the symposium are Gen. Kevin P. Chilton, commander, U.S. Strategic Command, Offutt AFB, Neb.; Maj. Gen. Charlie Dunlap, Air Force deputy judge advocate general; Maj. Gen. William T. Lord, commander, Air Force Cyberspace Command (provisional), Barksdale AFB, La.; and Dr. Rebecca Grant, president, IRIS Independent Research.

For more information about the symposium and to register online, go to http://www.maxwell.af.mil/au/awc/cyberspace/.

Pentagon Wants Cyberwar Range to 'Replicate Human Behavior and Frailties'

The Pentagon's way-out researchers don't just want to build an Internet simulator, to test out cyberwar tactics. They want the range's operators to "realistically replicate human behavior and frailties," too. Congress has ordered the Defense Advanced Research Projects Agency, or Darpa, to put together a National Cyber Range, as part of a massive (and massively secret) $30 billion, government-wide effort to better prep for battle online. The project is now considered a top priority for the Agency. And to make sure the facility is as true-to-life as possible, Darpa wants the contractors running the Range to be able to "replicate realistic human behavior on nodes," a request for proposals, released today, reveals.

http://blog.wired.com/defense/2008/05/the-pentagons-w.html

Hacking into International Humanitarian Law:

Cyber warfare is an emerging form of warfare not explicitly addressed by existing international law. While most agree that legal restrictions should apply to cyber warfare, the international community has yet to reach consensus on how international humanitarian law (“IHL”) applies to this new form of conflict. After providing an overview of the global Internet structure and outlining several cyber warfare scenarios, this Note argues that violations of the traditional principles of distinction and neutrality are more likely to occur in cyber warfare than in conventional warfare. States have strong incentives to engage in prohibited cyber attacks, despite the risk of war crimes accusations. This Note argues that belligerents will violate the principle of distinction more frequently in cyber warfare than in conventional warfare. Many cyber attacks will unavoidably violate neutrality law, making these violations more likely in cyber conflicts than in conventional wars. Rather than condemn all uses of cyber weapons, this Note argues that IHL should evolve to encourage the use of cyber warfare in some situations and provide states better guidance in the conduct of these attacks.

http://www.michiganlawreview.org/archive/106/7/kelsey.pdf

What's Brewin': 50-State Cyber Strategy

http://www.govexec.com/story_page_pf.cfm?articleid=40246&printerfriendlyvers=1

One way to secure the Hill's backing -- and bucks -- for any new program is to spread it over as many states and congressional districts as possible. The new Air Force Cyber Command takes this approach to its ultimate limit: The service plans a cyber unit in every state, according to a briefing given in April by Maj. Gen. William Lord, the Cyber Command chief. The briefing was sent to me by a source who chooses to remain anonymous.

The very crowded slide of the 50 states that Lord presented at the Scope Warrior Spring Symposium, a gathering of top Air Force communications and information technology folks, looks like a bit of cyber-rebranding of the service's existing IT functions.

The majority of the sites, which will come under the Cyber Command umbrella, are designated as so-called network operations, a fancy way to describe the circuits and connections that already exist to serve those bases. While this is just putting a new name on old operations, it helps to include all 50 states in the count, which then bolsters the sales job.

Saturday, June 14, 2008

China's Cyber-Militia

National Journal Magazine: Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

Wired Magazine Blog: Ever since intelligence chief Michael McConnell decided on cyberterrorism as the latest raison d'etre for warrantless NSA surveillance, we've seen increasingly brazen falsehoods and unverifiable cyberattack stories coming from him and his subordinates, from McConnell's bogus claim that cyberattacks cost the U.S. economy $100 billion a year, to one intelligence official's vague assertion that hackers have caused electrical blackouts in unnamed countries overseas.