Adam Segal, Asia Unbound Blog, Council on Foreign Relations: “Sometimes It’s Not China (Though This Is Probably Not the Week To Be Saying It)”
Adam Segal, “Sometimes It’s Not China (Though This Is Probably Not the Week To Be Saying It),” Asia Unbound Blog, Council on Foreign Relations, 25 August 2011.
This week we’ve had a rash of reporting that suggests the links between the state and Chinese hackers.
Smoking Cursor: First reported in the Epoch Times, and then picked up by the Washington Post and others, a report on CCTV 7 about cyberwar appears to show the PLA conducting an attack on a website connected to the Falun Gong. The attack probably happened several years ago, and there is something funny about the big “attack” button seen in the video (removed from CCTV but available on YouTube) which suggests that maybe it isn’t real. But, despite years of denials from Chinese officials, it may be as close to a “smoking cursor” as we get, at least in the open source material. …
Sometimes it’s not China, though lots of times it is.
For full text of the report referenced here, see Andrew Erickson and Gabe Collins, “A Smoking Cursor? New Window Opens on China’s Potential Cyberwarfare Development: CCTV 7 program raises new questions about Beijing’s support for hacking,” China SignPost™ (洞察中国), No. 46 (24 August 2011).
Also, the U.S. Department of Defense has just released the following content regarding PRC cyberwarfare capabilities:
Cyberwarfare Capabilities. In 2010, numerous computer systems around the world, including those owned by the U.S. Government, were the target of intrusions, some of which appear to have originated within the PRC. These intrusions were focused on exfiltrating information. Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks. China’s 2010 Defense White Paper notes China’s own concern over foreign cyberwarfare efforts and highlighted the importance of cyber-security in China’s national defense.
Cyberwarfare capabilities could serve PRC military operations in three key areas. First and foremost, they allow data collection through exfiltration. Second, they can be employed to constrain an adversary’s actions or slow response time by targeting network-based logistics, communications, and commercial activities. Third, they can serve as a force multiplier when coupled with kinetic attacks during times of crisis or conflict.
Developing capabilities for cyberwarfare is consistent with authoritative PLA military writings. Two military doctrinal writings, Science of Strategy, and Science of Campaigns identify information warfare (IW) as integral to achieving information superiority and an effective means for countering a stronger foe. Although neither document identifies the specific criteria for employing computer network attack against an adversary, both advocate developing capabilities to compete in this medium.
The Science of Strategy and Science of Campaigns detail the effectiveness of IW and computer network operations in conflicts and advocate targeting adversary command and control and logistics networks to impact their ability to operate during the early stages of conflict. As the Science of Strategy explains, “In the information war, the command and control system is the heart of information collection, control, and application on the battlefield. It is also the nerve center of the entire battlefield.”
In parallel with its military preparations, China has increased diplomatic engagement and advocacy in multilateral and international forums where cyber issues are discussed and debated. Beijing’s agenda is frequently in line with the Russian Federation’s efforts to promote more international control over cyber activities. China has not yet agreed with the U.S. position that existing mechanisms, such as International Humanitarian Law and the Law of Armed Conflict, apply in cyberspace. China’s thinking in this area is evolving as it becomes more engaged.