Report: China Probing Soft Cyber Underbelly
By Tom Groenfeldt, Technology Journalist - Contributor at CIOZone
Chinese cyber attacks against the U.S. government and American corporations are increasing sharply, according to a recent study by the U.S.-China Economic and Security Review Commission.
Established by Congress in 2000, the commission monitors and reports on the national security implications of the bilateral trade and economic relationship between the U.S. and China.
The commission reported that attacks, probably from China, against U.S. defense contractors in 2007 and 2008 managed to capture several terabytes of data related to the design and electronic systems of the F35 Lightning II, one of the most advanced American fighter planes.
The Department of Defense reported a sharp increase in cyber attacks over the last several years — a nearly 20 percent increase in 2008 from 43,880 the year prior, and more than 43,000 attacks just in the first half of 2009. The U.S. military figures it spent more than $100 million in the first half of the year in response to attacks on its networks.
Although it is not always possible to identify with certainty the source of cyber attacks, U.S. government investigators believe a high percentage originated with the Chinese government or the People’s Liberation Army (PLA).
Northrop Grumman, which undertook an investigation for the commission, concluded that: “China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and U.S. defense industries by conducting a long-term, sophisticated, computer network exploitation campaign.”
If there is a bright side to this picture, it is that security experts admit the U.S. has cyber capabilities at least as advanced as China’s and is steadily using technology to learn more about Chinese military capabilities.
The commission noted that military journals in China have “long expressed professional admiration for perceived U.S. network and electronic warfare capability.”
Mike McConnell, former director of National Intelligence and director of the NSA, told a newsletter at consultancy Booz Allen Hamilton, where he now works, that the major powers are all probing each other all the time.
“In China today, there are thousands of people in a sustained effort to collect intelligence, many of them on an entrepreneurial basis, as it were, within a competing bureaucratic structure,” he said. “China understands that a strategic vulnerability of the United States is its soft cyber underbelly. I believe they seek to ‘own’ that space.”
He continued: “My view is that the Chinese received a big shock when watching the action of Desert Storm (during the first Iraq war). They saw the power of the U.S. linking computer technology with weaponry to attain precision. We had dropped 1,000 bombs in World War II to destroy a target effectively. In Vietnam, it took hundreds of bombs. Today it takes one.”
In January 2007, China demonstrated its ability to shoot down a satellite. With a ground-based missile it shot down one of its own, orbiting more than 500 miles above the earth’s surface, as a warning to the U.S., which relies on satellites for communications and reconnaissance.
Army researchers have concluded that the PLA views network warfare as both a key enabler of modern warfare and a critical new spectrum of conflict — such as the ability to act against an enemy’s command, control, computers, communications, intelligence and surveillance capabilities. China also has a cadre of hackers who operate quite openly, perhaps with government tolerance or outright support, against Western targets.
They have launched denial of service and other attacks against Web sites supporting Tibet, Xinjiang, Falun Gong and Chinese pro-democracy organizations, according to the commission.
But it isn’t simply U.S. government agencies and defense contractors that are threatened. Canadian researchers have concluded that Chinese operators have taken malicious action against computers in 103 different countries.
“Like radar sweeping around the southern border of China, there is an arc of infected nodes from India, Bhutan, Bangladesh and Vietnam, through Laos, Brunei, Philippines, Hong Kong, and Taiwan,” the researchers concluded. “Many of the high-profile targets reflect some of China’s most vexing foreign and security policy issues, including Tibet and Taiwan.”
Commercial targets of Chinese cyber warfare efforts include the computer systems of oil and gas distributors and financial services industries, according to Kevin Coleman, a senior fellow with the Technolytics Institute, who was cited by the commission.
In a bit of circularity for a government agency, the commission cited a Wall Street Journal report from intelligence officials, which said Chinese hackers had gained access to the computer systems running electrical grids.
The CBS program 60 Minutes carried a surprisingly detailed account of cyber warfare and its threat to financial services, the military and utilities such as water and power.
Utility officials called before Congress said they were taking steps to improve security, although in later testimony they admitted they had done nothing.
That annoyed my local Congressman, Bill Pascrell, D-Paterson, N.J. “What do you think we are, a bunch of jerks?” he asked them.
Another report, from the National Journal, said Chinese cyber attacks may have been responsible for blackouts in 2003 and 2007 in New York and Florida.
Meanwhile, eight congressmen active in Chinese issues reported computer systems breaches that appeared to be linked to China.
The commission recommended measures to deter malicious Chinese cyber activity directed at critical U.S. infrastructure and U.S. government information systems.
In response to several criticisms, China denied any involvement in cyber attacks.
Cyber security is at last getting attention at the highest levels of government. In April, the White House announced the creation of a position called the “Cyber Security Coordinator” (known colloquially as the “Cyber Czar”) to manage a more centralized approach to the U.S. government’s cyber security.
“Previous administrators didn’t want to admit they had been rolled,” one security expert told CBS.
* * *
Tom Groenfeldt is an experienced journalist with broad expertise in financial technology. He has covered capital markets, retail and wholesale banking, and insurance for a wide variety of publications including Banking Technology, STP, the American Banker, Risk and Energy Risk, Institutional Investor, Alpha, and Securities Industry News. He founded Windows in Financial Services, which covers Microsoft technologies in finance, and edited it for 10 years. In addition to writing about finance he has written for The Economist, on ship building in Wisconsin; The New York Times on assorted topics in New Jersey and the Financial Times on outsourcing. He has also written about art in Sydney and at Art Basel Miami Beach for artinfo.com.
CIOZone.com is the first of its kind online meeting place for CIOs. It is built upon the foundation of social networking and combines user generated content and expert editorial together around an open source platform.
The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com