Some time ago, a question was posited here.
NDIA perhaps provides us with the answer. From National Defense Magazine:
For 18 minutes in April, China’s state-controlled telecommunications company hijacked 15 percent of the world’s Internet traffic, including data from U.S. military, civilian organizations and those of other U.S. allies.
This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company.
In short, the Chinese could have carried out eavesdropping on unprotected communications — including emails and instant messaging — manipulated data passing through their country or decrypted messages, Dmitri Alperovitch, vice president of threat research at McAfee said.
Nobody outside of China can say, at least publicly, what happened to the terrabytes of data after it entered China.
The incident may receive more attention when the U.S.-China Economic and Security Review Commission, a congressional committee, releases its annual report on the bilateral relationship Nov. 17. A commission press release said the 2010 report will address “the increasingly sophisticated nature of malicious computer activity associated with China.”
Perhaps the time has come to recognize China has more than begun turning its “Unrestricted Warfare” theories into practice. The next policy official or War College/NDU professor, the next GO/FO who reiterates the tired and naive refrain that the book “doesn’t represent official Chinese or PLA policy” needs to be shown the door. A decade of that silly and Panglossian answer is more than plenty. Those who still find that statement credible have missed the boat long ago. The NDIA article goes on:
“If China telecom intercepts that [encrypted message] and they are sitting on the middle of that, they can send you their public key with their public certificate and you will not know any better,” he said. The holder of this certificate has the capability to decrypt encrypted communication links, whether it’s web traffic, emails or instant messaging, Alperovitch said. “It is a flaw in the way the Internet operates,” said Yoris Evers, director of worldwide public relations at McAfee.
No one outside of China can say whether any of these potentially nefarious events occurred, Alperovitch noted. “It did not make mainstream news because it is so esoteric and hard to understand,” he added. It is not defined as a cyberattack because no sites were hacked or shut down. “But it is pretty disconcerting.”
And the hijacking took advantage of the way the Internet operates. “It can happen again. They can do it tomorrow or they can do it in an hour. And the same problem will occur again.”
As various “Cyber Commands” design their service pins and declare themselves “ready” for a major cyber event, they ought to take heed. There were inklings of this occurrence in April/May, but this seems to be the first relatively comprehensive public acknowledgment of China’s actions.
The U.S. Defence Department estimates that over 100 foreign intelligence organizations have attempted to break into U.S. networks. Every year, hackers also steal enough data from U.S. government agencies, businesses and universities to fill the U.S. Library of Congress many times over, officials say.
The Pentagon’s biggest suppliers — including Lockheed Martin Corp, Boeing Co and Northrop Grumman Corp — are investing in the growing market for cyber technology, estimated at up to $140 billion a year worldwide.
Gates said the U.S. military had made considerable progress protecting its own sites and was working with its private-sector partners “to bring them under that umbrella.”
And everyone that touches Lockheed Martin and Boeing and Northrup Grumman, and everyone they touch, and everyone who touches them, and….
Good luck with that.