Over the last decade, cyber attacks from China have been on a steady rise, increasing from 1415 reported malicious cyber activity in year 2000 to approximately 87,570 in 2009.
1 With each year passing, one can see the increasing sophistication of these attacks, clearly pointing towards the seriousness with which China is developing cyber warfare capabilities. Several cyber attacks in the last decade that targeted government organisations, multi-national companies, embassies and foreign offices were traced back to China. These attacks were mostly aimed at defaming, stealing information, espionage and mapping or understanding the network used by certain entities. Certain large scale attacks like Titan Rain that originated from China had targeted network systems of the U.S. military, NASA and the World Bank among others.
2 In another attack known as Ghostnet, computer hackers from China infiltrated the network systems of the Indian security establishment, embassies, Dalai Lama’s office and hundreds of other government offices across the world in 2008-2009. Ghostnet is believed to be one of the largest cyber spying operations which have been detected till now.
3 The investigation reports of these cyber attacks do not implicate the Chinese Government officially, but do point the finger towards China. Given the level of sophistication and the infrastructural capacity needed for such operations, it is difficult to accept that the hacking can be the work of sole, non-state actors. Particularly, the information that was compromised in most of the cases was of no use to an ordinary hacker and would have benefited only an entity engaged in policy making in foreign, military and economic affairs. This article will examine why China started developing cyber warfare as an asymmetric weapon and how far its government will go to develop this capability.
The impetus for China to develop cyber warfare capabilities could have come from the U.S. model of using information technology during warfare. Such capabilities were effectively used by the U.S. during the Gulf War and military campaigns in Iraq and Afghanistan. Since the U.S. relies heavily on network centric systems for Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR), a targeted cyber attack on the C4ISR network of the U.S. would give China an edge during the time of an armed conflict, Taiwan Straits being a likely scenario. China’s leadership is aware that in their quest to become a superpower they would have to compete with the military power of the United States. Understanding this fact, they aim to leapfrog in military competition with the U.S. or other technologically advanced rivals by developing cyber war waging capabilities. Even an attack on any of the systems that are used to provide basic utility services to the citizens can cause serious damage. The Chinese government gave high priority to develop such capabilities in the last ten years. For some time, China’s cyber army remained decentralized with different bureaus functioning under different ministries and the People’s Liberation Army (PLA). However in July 2010, China’s Central Military Commission (CMC) approved the establishment of an ’Information Security Base’ which intends to bring together the diffused cyber teams under one umbrella to ensure greater coordination and focus.
4
There are a few reported events that indicate the Chinese government and PLA’s attempts to recruit potential talents from the hacking community. In the summer of 2005, a report indicated that the PLA conducted a series of hacker competitions at regional and provincial levels possibly to screen for Computer Network Operations (CNO) recruits. Similarly, job vacancy announcements were made on two of the most prominent Chinese hacker forums in 2007-2008, for Ministry of Public Security’s First Research Institute.
5
Many from the hacking community have now transformed into legitimate information security firms and have developed close links with the PRC government. Such organisations get opportunities to develop new software and advance their technology, which as hackers they could not do publicly. This would also help them to openly work with the government. The Chinese government on the other hand can invest in such organizations as part of the IT investment and reap the benefits at a later stage (like recruiting from such organizations). Two of such companies with whom Beijing had developed very close links are Topsec and Venustech. A secret U.S. State Department circular from June 2009 stated, "there is a strong possibility that the PRC is harvesting the talents of its private sector in order to bolster offensive and defensive computer network operations capabilities."
6
Huawei, a major Chinese software and hardware company, had signed a deal with UK telecom Giant British Telecom (BT) in 2005. A British Intelligence Report in 2009 claimed that Huawei had close relations with the PLA and the company had received huge investments from the Chinese government when it was formed. British intelligence agencies feared that Huawei components which would be used by BT could contain malicious software that could be activated at a later stage. Huawei Technologies had also established links with U.S. anti-virus company Symantec in 2008.
7
These reports indicate that China utilised its Information Technology sector as well as the underground hacking community to enhance its cyber warfare capabilities.
However, in the last few years China has been facing the other side of the double-edged sword with the Chinese Ministry of Public Security (MPS) claiming that hacking attempts inside China were increasing by 80 percent annually. In November 2010, the MPS had arrested 460 hackers for carrying out illegal cyber activities. This was the first time that the Chinese government had taken such a hard step against the hacking community. It has also been observed that recently China has stepped up internet censorship activities.
8 It frequently uses censorship measures to alter public opinion. For instance, the censoring during the time when Nobel Peace Prize was awarded to the Chinese dissident Liu Xiaobo, was aimed towards discrediting the award and containing any growth of sympathy or support for Xiaobo. An attempt is also being made to create a system wherein internet users would need to provide their full names and other identifiable information. The U.S.-China Economic and Security Review Commission Report of 2010 elaborates these censorship practices undertaken by China in great detail. The report points out that these activities are being used to restrict freedom of speech and plays a key role in the governing strategy of the Chinese government.
9 Recently, a law suit was filed in New York accusing Chinese search engine Baidu.com and the Chinese government of internet censorship. The Chinese Foreign Ministry responded by stating that management of internet by the Chinese government was a sovereign matter and foreign courts had no jurisdiction according to international law.
China’s growing ability to use cyber warfare as an asymmetric weapon is evident as it builds a task force that is capable of striking the enemy’s Achilles heel. As it appears, China would continue to augment its capability to conduct cyber warfare and when complimented with an "Informationised" military and technologies like the Anti-Satellite (ASAT) weapons, it becomes a great concern not only for the U.S, against which essentially the Chinese efforts are directed, but also raises security concerns for India.
Such Capabilities are likely to intensify in the coming years and countries like India need to prepare adequate counter measures.
(The author is a Research Assistant at Observer Research Foundation, New Delhi)
1 Figure 1: U.S. Department of Defense - Reported Incidents of Malicious Cyber Activity, U.S. - China Economy and Security Commission Report 2009.
2 Nathan Thornburgh, "The Invasion of Chinese Cyberspies," The Time, August 26, 2005, available at
http://www.guardian.co.uk/technology/2010/sep/24/stuxnet-worm-national-agency (accessed on April 05, 2011).
3 Mike Harvey, "Chinese hackers using ghost network to control embassy computers," The Sunday Times, March 30, 2009, available at
http://www.timesonline.co.uk/tol/news/uk/crime/article5996253.ece (accessed on April 07, 2011).
4 "PLA sets up cyber base, assures it’s not for war," The Times of India, July 23, 2011, available at
http://articles.timesofindia.indiatimes.com/2010-07-23/china/28321900_1_cyber-war-cyber-security-base (accessed on April 05, 2011).
5 Northrop Grumman Corporation, Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation, Report submitted to the U.S.-China Economic and Security Review Commission, 2009.
6 "Chinese firm hired Blaster hacking group, says U.S. cable," China Defense Mashup, December 07, 2010, available at
http://www.china-defense-mashup.com/chinese-firm-hired-blaster-hacking-group-says-us-cable.html (accessed on Feb 25, 2011).
7 Michael Smith, "Spy Chiefs Fear Chinese Cyber Attack," The Sunday Times, March 29, 2009, available at
http://www.timesonline.co.uk/tol/news/uk/article5993156.ece (accessed on March 07, 2011).
8 Liu Chang, "Calls to Curb Internet Hacking," People’s Daily, December 03, 2010, available at
http://english.peopledaily.com.cn/90001/90776/90882/7219834.html (accessed on March 03, 2011).
9 U.S.-China Economic and Security Review Commission, Annual Report, U.S.-China Economic and Security Review Commission, Washington, 2010.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.
PREV
