
War which has undergone the changes of modern technology and the market system will be launched even more in atypical forms. In other words, while we are seeing a relative reduction in military violence, at the same time we definitely are seeing an increase in political, economic, and technological violence. However, regardless of the form the violence takes, war is war, and a change in the external appearance does not keep any war from abiding by the principles of war.

The above quote is from the book “Unrestricted Warfare”, written by a pair of People’s Liberation Army colonels, Qiao Liang and Wang Xiangsui, and published in Beijing in early 1999. The book has gotten some attention, but often, in the eleven years since it was unveiled to the West, the work has largely been dismissed as unlikely wishful thinking on the part of the two authors, and not representative of PLA viewpoints or policy. As recently as early 2008, discussion in strategic-level war games was dismissive of Chinese capability and intent in the cyber realm.


Well, today the Times of London published yet another ominous summary of China’s ongoing activities in the cyber realm. One should be reminded that this represents only what is being acknowledged publicly. Of particular note are the words of Dr. James Lewis of CSIS:

Dr Lewis said that neither the US nor any of its Western allies had formed an effective response to the Chinese threat, which has its origins in a massive boost to Chinese technology ordered by Deng Xiaoping, the late Chinese leader, in 1986. The West’s own cyber offensives have so far been directed largely at terrorists rather than nation states, giving China virtually free rein to penetrate Western systems with its own world-class hackers and increasingly popular Chinese-made components. “You almost have to admire them,” Dr Lewis said. “They have been very consistent in their goals.”

Will we look back across an economic or military cataclysm years or decades on and acknowledge, regretfully, that the warnings had been in front of us since 1999, or even 1986?




Posted by UltimaRatioReg in Air Force, Army, Aviation, Books, Coast Guard, Foreign Policy, Homeland Security, Marine Corps, Maritime Security, Navy, Soft Power, Uncategorized



  • http://www.coatneyhistory.com Lou Coatney

    With the help of our neocon and/or free trade politicians, the Chinese now have most of our manufacturing base, and our economy and buying power are vaporizing in the paper and electronic money which has no real productivity or value.

    The Maoist PLA is still calling the shots in China, and may think it has pushed the capitalist angle as far as it can … and that it is time to push the bayonet and take world power … especially now that we have betrayed the Rule of Law in the world we once stood for, for immediate rule of force impulses.

    The Maoists would be making a suicidally catastrophic (and very unChinese) miscalculation, but that hasn’t stopped militarists of the past.
    It would be wise to be studying WW2 Southeast Asia operations very intensively.

    And it would be wise to point out to the Russians that 1) they would NOT be able to avoid getting sucked into this, themselves, once it got started and that 2) they too would be doomed, if the Maoists won. And the Chinese should be warned again what would happen, if they tried to use their North Korean pit bull as a proxy.

    The Chinese are a great people with a great culture and they do deserve to enjoy their status as a superpower. As for Taiwan, all they have to do is be patient and it will fall into their embrace economically. If they get impatient there or wherever and start World War 3, though, everyone will lose.

  • UltimaRatioReg

    “With the help of our neocon and/or free trade politicians, the Chinese now have most of our manufacturing base”

    Might be worth recalling here that NAFTA began in 1994, under President Clinton. That is the same Clinton who had Johnny Chung, Charlie Trie, John Huang, and Liu Chao-ying as campaign contributors. And don’t forget Bernard Schwartz from Loral, the “missile people”, also a large contributor. Clinton was hardly a “neocon”.

  • Gavin Greenwood

    The Chinese government’s need to meet, or at least co-opt, nationalist aspirations and sentiments is at least partly responsible for the growing bellicosity emerging from the communist party and the PLA. Nationalism is the only force that threatens the legitimacy of the communist party’s monopoly on authority, if not power. An inexact but illustrative analogy may be seen in German naval expansion and colonial pretensions before the First World War.
    The Kaiser’s surface fleet, while powerful enough to threaten Britain’s hegemony in home waters, was not a credible threat to Britain’s survival – that distinction was left to the U-boat arm. However, it satisfied nationalist fervour of a rising nation with little regard to the consequences of a continental power such as Germany challenging a maritime power such as Britain.
    This overt display of technical military prowess certainly helped revive support for a declining monarchy, albeit at the expense of calibrating the mechanism that eventually – through great miscalculation on all sides – led to war.
    China’s similar efforts to continually re-emphasise the fact that it has ‘stood up’ – and intends to remain standing – to a world that is all too aware of this well-established reality by testing and probing its imagined opponents’ defences echoes pre-1914 Germany’s often ill-judged efforts at diplomacy and international aggrandisement.

  • Derrick

    I have a bunch of stupid questions:

    Is it possible to legislate regulations such that all network connections entering/leaving the US or its overseas territories be routed through some router station that would have firewall and virus scanner to limit cyber attack? I would think satellites could have firewall and virus scanner software installed on them too.

    What about US naval warships? Is it safe for me to assume that the warships don’t use direct connections to the Internet, and that any media brought onboard is scanned for viruses first?

  • UltimaRatioReg

    Derrick,

    Those are superb questions. Public traffic (to which a very large portion of both SIPR and NIPR connect) would be next to impossible to regulate, even if ISPs were so inclined. The setting up of a “super border router” or “super domain name server” that did not have something by way of vulnerability is a question that has been discussed from time to time in the theoretical.

    Warships and satellites? There is a price for “network centricity”. Network disruption/penetration becomes the brass ring for the bad guys.

  • Derrick

    Penetration of a US military computer network (i.e. decrypting the signal to get the information) should be impossible. I am a civilian with no clearance whatsoever but I’m sure the US military would use an encryption scheme more time consuming to crack than what’s in use in the private sector. And given that the most likely hackers would be Al Qaeda who would not have access to supercomputers with the processing power to crack an encryption algorithm within years, I would assume the threat of network penetration is minimal. I also assume China would not have the supercomputing facilities necessary to crack TDES within a few years, and I also assume the US military would change its encryption keys on a regular basis.

    I’m pretty sure most large US corporations would use TDES or something similar for their encryption, so they should be safe too from cyber penetration.

    Thus I would assume the most likely cyber attack would be network disruption by denial of service (DoS) attack or a trojan sneaked into someone’s email. Even DoS is difficult because the attacker would need to know what servers to focus on, as well as what services to call from those servers. I’m not much of a server support person, but I would assume that the ping service would be disabled on most important servers. Plus DoS requires the attacker to have access to the Internet to get enough computer resources to flood the network with worthless garbage, and must be able to somehow get from the Internet to the actual network they want to bring down.

    Out of curiosity, does the US military have training exercises where it is assumed there is a lack of network centricity?

  • UltimaRatioReg

    “Thus I would assume the most likely cyber attack would be network disruption by denial of service (DoS) attack or a trojan sneaked into someone’s email.”

    By far the biggest vulnerability is with poor user-level security. It allows the bad guys to get in and circumvent security measures such as IDS and encryption. That is a wide brush view, but the details are best debated elsewhere. But like the Maginot Line, hackers don’t go through the security measures, they go around them. Penetration of US DoD networks is an everyday occurrence.

    Al Qaeda has access to any level of hacking expertise they can pay for. They can rent such skills in many places worldwide. Eastern Europe has a large number of talented hackers. Hell, you can find them here in the US, if you have half a mil in cash and disguise who you work for. China? They grow the skills themselves, including having students in US colleges and universities, and people in US businesses who can map network topology and understand which network systems and transactions are critical to a sector or business enterprise.

    The idea that the worst that can happen to you is DoS or DDoS has long since faded in the minds of those in the know. The worst thing is someone inside your network, reading your mail, manipulating critical data, etc, and you don’t know it.

    Your last question, though, is a great one. Do we have such exercises? Not at the tactical/operational level, that I am aware of. Which leads us to another possible eventuality. No need to hack if you can burn out large portions of our critical DoD and Critical Infrastructure networks with detonation of an atmospheric….. (see: Iran, ICBM)

  • Derrick

    I’m not sure every Chinese student or worker in a US business can be considered a potential hacker/spy.

    Besides which, aren’t there rules where only US citizens or permanent residents can get jobs that require security clearance?

    As for an insider manipulating critical data, there should be a log of the manipulations, so eventually they should be caught.

  • UltimaRatioReg

    “I’m not sure every Chinese student or worker in an US business can be considered a potential hacker/spy.”

    Nobody said they were. But there are enough that US companies are concerned. So is DoD.

    “Besides which, aren’t there rules where only US citizens or permanent residents can get jobs that require security clearance?”

    Talk to Loral about that one….

    “As for an insider manipulating critical data, there should be a log of the manipulations, so eventually they should be caught.”

    Not if those transactions are associated with an authorized user. Plowing through the logs to find an anomaly is like looking for a needle in a thousand haystacks. You MAY find it, eventually. But the damage is long since done.
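
An added illustration of the exchange above, not part of the original thread: when a change is made under valid credentials every audit line reads ALLOW, so searching for denials finds nothing, while comparing each event with that user's own history shrinks the haystack. The log format, user names, dates and the two-hour slack are constructed assumptions.

```python
from collections import defaultdict

# Constructed audit records: (ISO timestamp, user, action, table, result).
HISTORY = [
    ("2010-03-01T09:12", "alice", "UPDATE", "orders", "ALLOW"),
    ("2010-03-01T14:40", "alice", "UPDATE", "orders", "ALLOW"),
    ("2010-03-02T10:05", "alice", "SELECT", "inventory", "ALLOW"),
    ("2010-03-01T08:30", "bob", "UPDATE", "payroll", "ALLOW"),
    ("2010-03-02T16:55", "bob", "UPDATE", "payroll", "ALLOW"),
]
TODAY = [
    ("2010-03-03T09:47", "alice", "UPDATE", "orders", "ALLOW"),
    # Constructed case: alice's valid credentials used by someone else.
    ("2010-03-03T02:13", "alice", "UPDATE", "payroll", "ALLOW"),
    ("2010-03-03T11:20", "bob", "UPDATE", "payroll", "ALLOW"),
]

def denied_events(events):
    """Naive review: anything access control rejected."""
    return [e for e in events if e[4] != "ALLOW"]

def build_baseline(history):
    """Per user: (action, table) pairs and hours of day seen so far."""
    pairs, hours = defaultdict(set), defaultdict(set)
    for ts, user, action, table, _ in history:
        pairs[user].add((action, table))
        hours[user].add(int(ts[11:13]))
    return pairs, hours

def flag_deviations(history, events, hour_slack=2):
    """Return (event, reasons) for events that depart from the user's baseline."""
    pairs, hours = build_baseline(history)
    flagged = []
    for ev in events:
        ts, user, action, table, _ = ev
        reasons = []
        if (action, table) not in pairs[user]:
            reasons.append("new action/table for user")
        seen, hour = hours[user], int(ts[11:13])
        if seen and not (min(seen) - hour_slack <= hour <= max(seen) + hour_slack):
            reasons.append("outside usual hours")
        if reasons:
            flagged.append((ev, reasons))
    return flagged

if __name__ == "__main__":
    print("denied:", denied_events(TODAY))
    for ev, why in flag_deviations(HISTORY, TODAY):
        print("review:", ev, why)
```

The baseline only helps if it is built from a period known to be clean and if the audit log itself is stored where the account being reviewed cannot alter it.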

  • http://www.MarkWarner2008.com John

    It has started indeed but I wonder if it will only turn out to be a war with the west particularly US only. I bet it will create more problems later on and more countries will be joining the war against China.
