CHINA MAJOR CYBER THREAT TO WEST
While researchers in Canada and Britain believe Chinese hackers were responsible for recent cyber attacks on computers in over one hundred countries, other analysts are convinced the attacks were authorized by the Chinese government and its People's Liberation Army, using what has become known as the "GhostNet" network.
It is a large network of hackers based in Hong Kong and mainland China that operates with secret funding and guidance from the PLA. The fact that it does not use PLA computers or work in PLA facilities means Chinese authorities can deny any links to it if British and U.S. hacker trackers identify the origin of cyber attacks and the internet addresses of “ghost” computers.
The latest global attacks appeared at first to be aimed at computers holding classified files and correspondence between the exiled Tibetan leader, the Dalai Lama, and his followers throughout the world. However, it soon became clear that the computers of foreign ministries in India, Pakistan, Rumania and South Korea, to name but a few nations, were also penetrated and their information compromised.
The targeting of computers related to the Dalai Lama was intended to provide the Chinese authorities with intelligence on people connected to the spiritual leader and members of the exiled Tibetan government. The hackers would also have sought to uncover links between people in the West and the Dalai Lama’s supporters in Tibet. One analyst speculated that some of the information would allow China to unmask, torture and execute dissidents in Tibet.
The wider issue is that China is becoming a serious cyber threat to the West and is brazenly encouraging its “GhostNet” hackers to compromise computers in sensitive western establishments. It is also training cyber warfare units within the PLA to develop a capability to compromise military and civilian computer networks in America and within the NATO military structure in Europe. Cyber warfare is promoted in the PLA’s information warfare doctrine, and since 2002 the PLA has overseen major penetrations of computers in the U.S. Some experts reckon the penetrations constituted training exercises for a strategy to be unfolded in an eventual war over Taiwan. Only then would China unleash its full cyber potential, and the targets would not all be military. Many would be economic and would be aimed at the U.S. banking system and Wall Street with the aim of causing serious economic damage, if not a financial collapse.
Western intelligence analysts have been warning for some time that the PLA has been developing what it calls “Integrated Network Electronic Warfare.” Under that umbrella term, it has been mounting attacks since 2000 as part of a sustained training simulation for launching major cyber attacks should it face down the U.S. and its allies on the battlefield. Part of the PLA’s planning has involved the establishing of units tasked to create viruses that would be inserted into Western computer networks at the onset, or in the days or weeks before a conflict began.
In 2002, the U.S. and Britain began to realize that China was a serious cyber threat after major intrusions were launched against U.S. military and contractor websites and systems. Experts in Washington gave the attack the codename, “Titan Rain.” Among the U.S. computer systems penetrated were major classified networks belonging to the Missile Defense Agency and the Sandia Laboratories, which are at the heart of America’s nuclear research and design. In that particular series of cyber attacks, Chinese hackers stole 10 terabytes of data. If one considers that 10 terabytes would be the equivalent of the entire print collection of the Library of Congress then one can imagine the vast amount of material stolen. Among the files uploaded to “ghost” computers in China were many on U.S. command and control systems.
The U.S. Strategic Command’s Joint Task Force for Global Network Operations has no doubt the PLA is behind constant attempts by Chinese hackers to compromise computer networks in the west, especially in the U.S. and Britain. The Task Force has become aware of the presence of several hundred hacker groups in mainland China. These groups are closely monitored and encouraged by the Chinese government, which controls all of China’s internet activity. By studying the groups the PLA can learn a lot about the vulnerability of computers across the globe.
Cyber warfare’s appeal for China is best expressed in a statement by Tim Thomas, an expert working with the Foreign Military Studies Office in Fort Leavenworth. He points out that the warning time frame for a cyber attack and the time frame for a response are extremely limited. Secondly, cyber attacks travel at the speed of light and require little physical preparation. Another advantage for the Chinese is that it would be difficult for the U.S. or Britain to immediately attribute an attack to China because attacks can be layered and often follow a circuitous route to their target, making it very difficult to track them back to source. That would make it almost impossible for the U.S. or its allies to order immediate retaliation.
For Tim Thomas, a singular benefit of cyber operations is that they can be used to frustrate and confuse a target country. Attacks can be easily aimed at critical infrastructure by rendering inoperable banks and power grids and the attacks do not require too much equipment, money or manpower compared to a full military assault.
China has learned a great deal by watching how the U.S. military has operated in the new hi-tech environment of satellites and computers in overseas conflicts like Iraq and Afghanistan. In those conflicts, the U.S. military relied heavily on hi-tech communications to handle its logistics, including the movement of troops, aircraft, and naval battle groups. Therefore China knows that in the early stages of a conflict with the U.S. it would be vital for the PLA to be able to attack American logistics functions, thereby slowing down the time by which the U.S. military could effectively move into the war zone. If that is indeed the strategy driving the PLA’s cyber warfare doctrine, America can be certain that China will probably seek to strike first with a cyber attack if tensions mount over Taiwan and war looks inevitable. In that event, one can expect the U.S. to preempt the Chinese cyber strategy by turning off our most vulnerable networks and almost going black in hi-tech terms.
Congress has been advised that it should not only provide additional resources to military intelligence and homeland security programs that monitor and protect America’s critical infrastructure networks but it should also encourage the administration to promote a strategy whereby America works closely with its allies to deal with China’s cyber strategies.
A critical issue Congress must address is the supply networks that provide our government, military and contractors with computer equipment. Many of the companies involved in the supply chain are foreign and some have Chinese links. Therefore, it is imperative that Congress provides funding so that the supply chain can be carefully scrutinized. It must also make available money to buy equipment from trustworthy sources. After all, it is easy for a foreign company working with our enemies to insert malware into computer chips so that it can act like a sleeping virus to be activated in the event of a crisis.