Monday, June 23, 2008

China's Cyber Forces

Just to add a contrary view to the report below... It is possible that one reason countries are reporting increasing cyber attacks from Chinese sources is because China "employs" many Chinese hackers, who are not officially in government service, to do their bidding. Not all these hackers are particularly sophisticated and are detected relatively easily. Many of these hackers are just plain sloppy.

Many countries conduct cyber-espionage. Most of these countries have well trained professionals who carry out the espionage or lay the ground work for potential attacks. They are able to mask their trails much better than relatively amateur hacker. This may be why we don't hear much about what capabilities other countries, besides China, are employing in cyberspace.

I don't believe monitoring the Chinese budget for cyberwarfare is going to tell us much. First, it does not take tens of millions of dollars to establish this capability. Second, it is very easy to hide this capability in other defense or non-defense line items.

It is unlikely that any amount of diplomatic maneuvering is going to deter China from developing its cyber espionage/attack capability. Cyber espionage is just too potentially lucrative for anyone who uses that technique to abandon. Cyber attack is another relatively low-cost tool for a country (or non-state actor) to discard.

The best way we have of countering Chinese (and others) in cyberspace is to increase the defenses on our networks. We need to worry more when we stop seeing news reports about Chinese cyber probes/attacks. This means that they have likely fully professionalized their cyber capabilities and no longer need to rely on groups of unsophisticated hackers.


http://www.defensetech.org/archives/004165.html
China is well known for its global cyber espionage efforts. And while the United States has received most of the media attention given to cyber attacks, we are not the only ones dealing with this issue. India is now pointing the finger at China, claiming they have systematically launched a series of attacks on sensitive information systems and networks of Indian agencies. India rapidly responded and now has cyber-security forces down to the division-level to guard against cyber wars. But is that really enough given China's stated ambitions?

China's Cyber Warfare Doctrine is designed to achieve global "electronic dominance" by 2050 which would include the capability of disruption of the information infrastructure of their enemies. This doctrine includes strategies that would disrupt financial markets, military and civilian communications capabilities as well as other parts of the enemy's critical infrastructure prior to the initiation of traditional military operations. With all the attacks that have been attributed to China, there has to be significant intelligence out there about techniques, cyber weapons and strategies that have been used in these cyber assaults. The proliferation of China's cyber capabilities will be the topic of a Congressional hearing in DC on May 20th. This hearing will examine "China's Proliferation Practices and the Development of its Cyber and Space Warfare Capabilities."Military and intelligence sources have known that Chinese cyber forces have developed these detailed plans for cyber attacks against the United States and others. It is believed that the plans for such an attack were drawn under the direction of the People's Liberation Army (PLA).

China has a significant cyber weapons and intelligence infrastructure in place today. What is alarming is not only do they have the intent, but they have the money. Beijing has the world's second or third largest defense budget depending on where you look for the numbers. Their military budget has been on the rise at 10 percent or more a year for over a decade. This, as well as the attacks, are evidenced by their cyber operational ability to scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems in the US, Germany, UK and India. In addition, in April 2007, Sami Saydjari, who has worked on cyber defense systems for the Pentagon since the 1980s, told Congress: "The situation is grave, with nation-states such as China developing serious offensive capabilities."


Recent attacks on the United States and India have brought this threat to the forefront. While diplomatic efforts to address these attacks have been initiated, virtually no progress has been made, according to individuals close to the issue. The following information has been provided by Spy-Ops and represents their assessment of China's current cyber capabilities.

China People's Liberation Army (PLA)Military Budget: $62 Billion USDGlobal Rating in Cyber Capabilities: Number TwoCyber Warfare Budget: $55 Million USDOffensive Cyber Capabilities: 4.2 (1 = Low, 3 = Moderate and 5 = Significant)Cyber Weapons Arsenal:In Order of Threat -- Large, advanced BotNet for DDos and espionageElectromagnetic pulse weapons (non-nuclear)Compromised counterfeit computer hardwareCompromised computer peripheral devicesCompromised counterfeit computer softwareZero-day exploitation development frameworkAdvanced dynamic exploitation capabilitiesWireless data communications jammersComputer viruses and wormsCyber data collection exploitsComputer and networks reconnaissance toolsEmbedded Trojan time bombs (suspected)Compromised microprocessors & other chips (suspected)Cyber Weapons Capabilities Rating: AdvancedCyber force Size: 10,000 +Broadband Connections: More than 55 millionChina's Hacker Community: Honker Union, Red Hackers Alliance (The 5th largest hacking organization in the world.)China's Software Industry: In Q1 2007, the software industry RMB 96.7 billion with a year-on-year increase of 26.9%.In Q1 2008, China recorded RMB 144.36 billion in software industry sales revenue, up sharply year-on-year.

From all this information one can only conclude that China has the intent and technological capabilities necessary to carry out a cyber attack anywhere in the world at any time. Nations around the world can no longer ignore the advanced threat that China's cyber warfare capabilities may have today and the ones they aspire to have in the near future. Just recently Belgian justice minister, Jo Vandeurzen, claimed that attacks against the Belgian Federal Government originated from China and are most likely sanctioned by Beijing. The Belgian minister of foreign affairs, Karel De Gucht, told their parliament that his ministry is the subject of cyber-espionage by Chinese cyber agents. This is just the tip of the iceberg. Spy-Ops believes that an estimated 140 countries will be working on their cyber weapons by the end of 2008 and that in the next five years we will see countries and extremist groups jockeying for cyber supremacy.

No comments: