Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Trojan Dragons: China's International Cyber Warriors
The Heritage Foundation ^ | December 12, 2007 | By John J. Tkacik, Jr.

Posted on 12/13/2007 3:56:56 AM PST by JACKRUSSELL

This week, The New York Times reported that in a series of "sophisticated attempts" against the U.S. nuclear weapons lab at Oak Ridge, Tennessee, Chinese hackers were able to "remove data."[1] The story illustrates an alarming fact: China's cyber spies are now a part of America's computer network, literally. It is time for U.S. authorities to be open with the American people about the escalating threat posed by China to America's science and technology secrets.

Continuous Attacks

U.S. Strategic Command Chief General James E. Cartwright told Congress in March 2007 that "America is under widespread attack in cyberspace." During fiscal year 2007, the Department of Homeland Security received 37,000 reports of attempted breaches on government and private systems, which included 12,986 direct assaults on federal agencies and more than 80,000 attempted attacks on Department of Defense computer network systems. Some of these attacks "reduced the U.S. military's operational capabilities."[2] As for China's part in this trend, one American cyber security firm that focuses on "a centralised group of activity based from China" now says that "in the last three months, the attacks [from China] have almost tripled."[3]

A Global Threat

Officials in Europe have not hesitated to spotlight China's cyber warfare. Publicly, they have been more vocal and pointed about Chinese involvement than their American counterparts. Earlier this month, Jonathan Evans, the chief of Great Britain's domestic counterintelligence service, MI-5, sent a confidential letter to 300 accountants, legal firms, and chief executives and security chiefs at banks, warning them that they were under "electronic espionage attack" from "Chinese state organisations." Mr. Evans noted that a number of British companies--Rolls Royce is one example--had discovered that viruses of Chinese government origin were uploading vast quantities of industrial secrets to Internet servers in China.[4]

It was just the latest warning from European governments that China is the source of a breathtakingly broad campaign of cyber penetrations of European government and commercial information systems. In October, one of Germany's top internal security officers, Hans Elmar Remberg, told a Berlin conference on industrial espionage that his country was involved in "the Chinese cyber war"--and in case his audience was under the illusion that the aggressors were mere "hackers"--he averred, "In our view, state Chinese interests [Chinesische Staatsinteressen] stand behind these digital attacks." The German news magazine Der Spiegel termed the attackers as "The Yellow Spies."[5] The unfortunate use of racial language gave an opening to Chinese students in Germany to claim racism.[6] The charges of racism, of course, did not gainsay the facts presented by Der Spiegel.

In September, French Secretary General for National Defence Francis Delon said, "We have proof that there was involvement with China," but he demurred, "that is not to say the Chinese government."[7]

The German government has been particularly annoyed by the attacks. In August, German Chancellor Angela Merkel learned that three computer networks in her own office had been penetrated by Chinese intelligence services. A few days later, she confronted the visiting Chinese premier directly about the attacks and demanded that China play by the rules. Premier Wen Jiabao, straight-faced, expressed utter shock and promised that his government would get to the bottom of it. He then asked for detailed information from Germany's counterintelligence agencies to help China's security police find the culprit.[8]

By far, the target attacked most intensely by the Chinese is the U.S. military, closely followed by the State Department, the Commerce Department, and apparently the Department of Homeland Security. China also targets computer networks in sensitive U.S. sectors relating to commerce, academia, industry, finance, and energy. One U.S. cyber security expert told a group of federal managers that "the Chinese are in half of your agencies' systems" already.[9]

Lessons Not Learned

While the U.S. government may be reticent to reveal the vulnerabilities of its databases to Chinese penetration, the information available shows how widespread Chinese cyber attacks have become. Cyber warfare units in the Chinese People's Liberation Army (PLA) have already penetrated the Pentagon's unclassified Unclassified but Sensitive Internet Protocol Router Network (NIPRNet) and have designed software to disable it in time of conflict or confrontation.[10] Maj. Gen. William Lord, director of information, services, and integration in the Air Force's Office of Warfighting Integration admits that "China has downloaded 10 to 20 terabytes of data from the NIPRNet already," and added, "There is a nation-state threat by the Chinese."[11]

Richard Lawless, deputy undersecretary of defense for Asia-Pacific affairs, told a congressional panel on June 13, 2007, that the Chinese are "leveraging information technology expertise available in China's booming economy to make significant strides in cyber-warfare." He noted that the Chinese military's "determination to familiarize themselves and dominate to some degree the Internet capabilities--not only of China and that region of the world--provide them with a growing and very impressive capability that we are very mindful of and are spending a lot of time watching."[12]

The Chinese, he said, have developed a very sophisticated, broadly-based capability to . . . attack and degrade our computer systems and our Internet systems. Computer access, warfare and the . . . disruptive things that that allows you to do to an opponent are well appreciated by the Chinese and they spend a lot of time figuring out how to disrupt our networks--how to both penetrate networks, in terms of gleaning or gaining information that is protected, as well as computer network attack programs which would allow them to shut down critical systems at times of emergency. So first of all, the capability is there. They're growing it; they see it as a major component of their asymmetric warfare capability.[13]

PLA cyber warfare units have access to source codes for America's ubiquitous office software, giving them a skeleton key to every networked government, military, business, and private computer in America. General Cartwright has warned, "I think that we should start to consider that 'regret factors' associated with a cyber attack could, in fact, be in the magnitude of a weapon of mass destruction."[14]

What the U.S. Must Do

As the alarming state of cyber security becomes ever clearer, the Administration should build on the statements of General Lord and former Deputy Undersecretary Lawless. China's cyber warriors are the most acute threat not only to America's national security information infrastructure but to commercial, financial, and energy information networks as well.And via their computer network operations,China's clandestine intelligence collection is the top intelligence threat to America's science and technology secrets. If the Administration believes otherwise, it ought to explain to the American people why, in the face of the steady reports of Chinese cyber spying, the concern is misplaced. But it cannot simply refrain from making the judgment and sharing it with the public.

John J. Tkacik, Jr., is Senior Research Fellow in the Asian Studies Center at The Heritage Foundation.

[1]John Markoff, "China Link Suspected in Lab Hacking," The New York Times, December 9, 2007, p. A-03, at www.nytimes.com/2007/12/09/us/nationalspecial3/09hack.html.

[2]Notes from a presentation by Dr. Andrew Palowitch entitled, "Cyber Warfare: Viable Component to the National Cyber Security Initiative?" at Georgetown University, November 27, 2007.

[3]Stephen Fidler, "Steep Rise in Hacking Attacks from China," The Financial Times, December 5, 2007, at www.ft.com/cms/s/0/c93e3ba2-a361-11dc-b229-0000779fd2ac.html. Source cites Yuval Ben-Itzhak, chief technology officer for Finjan, a Web security group based in San Jose, California.

[4]Rhys Blakely, Jonathan Richards, James Rossiter, and Richard Beeston, "MI5 Alert on China's Cyberspace Spy Threat," TimesOnline, December 1, 2007, at http://business.timesonline.co.uk/tol/business/industr y_sectors/technology/article2980250.ece (December 11, 2007).

[5]The August 27, 2007, issue of Der Spiegel bore the cover title "Die Gelben Spione: Wie China deutsche Technologie ausspaht" (The Yellow Spies: How China Steals German Technology). The cover story was entitled "Chinesische Trojaner auf PCs im Kanzleramt" (Chinese Trojans in Chancellor Office PCs), Der Spiegel, posted August 25, 2007, at www.spiegel.de/netzwelt/tech/0,1518,501954,00.html.

[6]"Zai De Huaren; Gao Mingjing Zui Hua" (Chinese in Germany; Spiegel Slanders Chinese), Shijie Ribao, December 7, 2007, at www.worldjournal.com/wj-ch-news.php?nt_seq_id=1635448.

[7](No author cited), "Now France Comes Under Attack from PRC Hackers," Agence France Presse, September 9, 2007, at www.taipeitimes.com/News/front/archives/2007/09/09/2003377917.

[8]John Blau, "German Gov't PCs Hacked, China Offers to Investigate: China Offers to Help Track Down the Chinese Hackers Who Broke into German Computers," PC World, August 27, 2007, at www.washingtonpost.com/wp-dyn/content/article/2007/08/27/AR2007082700595.html.

[9]Mark A Kellner, "China a 'Latent Threat, Potential Enemy': Expert," DefenseNews Weekly, December 4, 2006, at www.defensenews.com/story.php?F=2389588&C=america.

[10]Mulvenon, "Chinese Information Operations Strategies in a Taiwan Contingency."

[11]"Pentagon warns of Internet incursion by Chinese cyber-terrorists," GCN, August 24, 2006.

[12]Hearing of the House Armed Services Committee on "Recent Security Developments In China"; witnesses: Richard P. Lawless, Deputy Undersecretary of Defense For Asia-Pacific Affairs, and Major General Philip M. Breedlove, Vice Director For Strategic Plans and Policy, Joint Chiefs Of Staff; June 13, 2007. Transcript provided by Federal News Service.

[13]Hearing of the House Armed Services Committee on "Recent Security Developments in China," June 13, 2007, transcript prepared by Federal News Service.

[14]USCC Testimony, March 29, 2007, p. 7


TOPICS: Foreign Affairs; News/Current Events
KEYWORDS: china; cyberwarfare; internet
Navigation: use the links below to view more comments.
first 1-2021-4041-43 next last

1 posted on 12/13/2007 3:56:58 AM PST by JACKRUSSELL
[ Post Reply | Private Reply | View Replies]

To: Duchess47; jahp; LilAngel; metmom; EggsAckley; Battle Axe; SweetCaroline; Grizzled Bear; ...
Photo Sharing and Video Hosting at Photobucket

(Please FReepmail me if you would like to be on or off of the list.)
2 posted on 12/13/2007 3:57:18 AM PST by JACKRUSSELL
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL

save


3 posted on 12/13/2007 4:06:47 AM PST by Eagles6
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL
Nobody will tell me why we have to accept packets from .cn or why we need to have connectivity with them. My .htacess file is as large as the server will handle, and if I can deny so many of their IPs on my stupid little websites, then the Government can as well.

I was getting those, "Send us a sample product and we'll buy thousands" emails.

They get a reply, "Thank you for your large donation to Falun Gong".

I see my IP Adresses are now blocked by the PRC. Good.

4 posted on 12/13/2007 4:20:53 AM PST by Gorzaloon
[ Post Reply | Private Reply | To 1 | View Replies]

To: Jeff Head

Jeff, I think that you might be interested in this story.


5 posted on 12/13/2007 4:43:09 AM PST by Virginia Ridgerunner (“We must not forget that there is a war on and our troops are in the thick of it!” --Duncan Hunter)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL

The really sad part of this story is that most of the PLA hackers were trained in the American universities in the 1990s.


6 posted on 12/13/2007 4:43:59 AM PST by Virginia Ridgerunner (“We must not forget that there is a war on and our troops are in the thick of it!” --Duncan Hunter)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL

Anyone alarmed? China’s cyber spies have been a part of America’s computer networks for over a decade, and their military and industrial engineer spies have been here since Nixon invited ‘em. The Chinese Empirists want to reclaim Taiwan soon and have their eyes on a few disputed Japanese/Chinese islands as belated WWII reparations, for starters. America protects both, so Sun Tzu’s principle’s apply.


7 posted on 12/13/2007 4:48:39 AM PST by flowerplough ("These go to eleven." -- Nigel Tufnel)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL
Trojan Dragons: Tiger Balm scented condoms? Weee Ohh!

Seriously, the ChiComs have the ability to shot down our satellites and corrupt our computers......they'll win the war before it begins.

8 posted on 12/13/2007 4:50:51 AM PST by wolfcreek (The Status Quo Sucks!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL

so this explains all the huckabee threads...


9 posted on 12/13/2007 5:44:10 AM PST by longtermmemmory (VOTE! http://www.senate.gov and http://www.house.gov)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Gorzaloon

We had a SANS class and the instructor made a good point. There are so many computers in the US and they are so insecure, that is is virtually impossible to tell a honey-pot from a legit machine. So honey-pots actually work in the US. The blackhats cannot resist them.

We have a group that identifies pwn3d machines on campus so we can shut them down. We don’t need them inside the wire.


10 posted on 12/13/2007 5:52:48 AM PST by AppyPappy (If you aren't part of the solution, there is good money to be made prolonging the problem.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: JACKRUSSELL

We can always just turn OFF our internet.


11 posted on 12/13/2007 5:55:31 AM PST by Eye of Unk
[ Post Reply | Private Reply | To 1 | View Replies]

To: JACKRUSSELL

I wonder if the Hong Kong Blondes are still around. If they are we should find them and give them all the resources they need. I’d say we should recruit them and give them facilities here to work from, but I’m afraid their identities and location would become known to the PRC.


12 posted on 12/13/2007 6:01:49 AM PST by tacticalogic ("Oh bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Eye of Unk

Which would disrupt world wide net operations between countries...the main reson why there has been a push to get the US to GIVE UP internet control. But I say if a threat arises militarily, I agree turn it off!


13 posted on 12/13/2007 6:02:32 AM PST by mdmathis6
[ Post Reply | Private Reply | To 11 | View Replies]

To: mdmathis6

Alaska delegation plans to block any export of natural gas

PIPELINE: State delegation vows it will block plan backed by China.

http://www.adn.com/money/industries/oil/pipeline/story/9516055p-9426730c.html

(I live in Alaska and this is what WE say!)


14 posted on 12/13/2007 6:08:33 AM PST by Eye of Unk
[ Post Reply | Private Reply | To 13 | View Replies]

To: tacticalogic
I'm thinking these Chinese are not that smart. They're "twisting the dragon's tail"... There is far more network bandwidth and more cpu cycles in the west than there is in all of China. If they continue to push/probe... Someone may turn around and unleash their own counter-offensive against them. An onslaught like they never imagined possible...

Then again, maybe that is their intent. To push us until we do respond to characterize what we are capable of. In that case, playing the quiet waiting game is smart. We shouldn't tip our hand as to what our counter-code is capable of until we really need to use it.

15 posted on 12/13/2007 6:15:12 AM PST by CodeMasterPhilzar
[ Post Reply | Private Reply | To 12 | View Replies]

To: GOP_1900AD; Travis McGee; DoughtyOne; pissant; Calpernia; AuntB; Tailgunner Joe; Alamo-Girl; ...

Ping.


16 posted on 12/13/2007 11:02:24 AM PST by Paul Ross (Ronald Reagan-1987:"We are always willing to be trade partners but never trade patsies.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: davidosborne; airborne; Antoninus; GulfBreeze; processing please hold; RasterMaster; ...

ping


17 posted on 12/13/2007 11:06:49 AM PST by Calpernia (Hunters Rangers - Raising the Bar of Integrity http://www.barofintegrity.us)
[ Post Reply | Private Reply | To 1 | View Replies]

To: wolfcreek

They say they do, anyway.

Kind of like how the Soviets used to claim they had more missles.

Between panic stricken journalists who don’t know squat about computers or hacking and Chinese Communist leaders who will say pretty much anything to make themselves look good, I’m throwing up a great big ORLY.


18 posted on 12/13/2007 11:10:05 AM PST by Constantine XIII
[ Post Reply | Private Reply | To 8 | View Replies]

To: Eye of Unk

I cannot stress how bad an idea that this is. :p


19 posted on 12/13/2007 11:10:52 AM PST by Constantine XIII
[ Post Reply | Private Reply | To 11 | View Replies]

To: Paul Ross

Thanks for the ping!


20 posted on 12/13/2007 11:16:34 AM PST by Alamo-Girl
[ Post Reply | Private Reply | To 16 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-43 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson