The nature of cyberwarfare in the People's Republic of China
is difficult to assess. Government officials in India and the United
States have traced various attacks on corporate and infrastructure
computer systems in their countries to computers in the People's Republic of China.
However, "It is nearly impossible to know whether or not an attack is
government-sponsored because of the difficulty in tracking true
identities in cyberspace."[1][2] China has denied accusations of cyberwarfare,[3] and has accused the United States of engaging in cyberwarfare against it, which the US government denies.[4][5][6][7][8][9][10]
A number of private computer security firms have stated that they have
growing evidence of cyber-espionage efforts originating from China,
including the "Comment Group".[11] In May 2014 a Federal Grand Jury in the United States indicted five PLA Unit 61398 officers on charges of theft of confidential business information from U.S. commercial firms and planting malware on their computers.[12][13]According to former United States National Security Agency contractor Edward Snowden,
the NSA has conducted espionage on Chinese universities, businesses and
politicians since 2009. Chinese targets included hundreds of
organizations and individuals, including the Chinese University of Hong Kong, and were among the 61,000 of hacker attacks carried out by the United States globally.[14][15][16]
Organization
Washington, D.C.-based analyst James Mulvenon says that the organization of Chinese operations in cyberwarfare
is very clandestine and decentralised, organized around a constantly
changing hybrid of official, civilian, and semi-civilian groups.[17] Nationalist groups, he says, such as "patriotic hacker associations", are often used as "foot soldiers" or "proxies".[17]While China has long been suspected of cyber spying, on May 24, 2011 the People's Liberation Army announced the existence of their cyber security squad.[18]
By nation
Australia
In May 2013, ABC News claimed that the People's Republic of China hacked plans for the headquarters of the Australian Security Intelligence Organisation.[19]
Canada
Officials in the Canadian government claim that Chinese hackers have comprised several departments within the federal government in early 2011, though the Chinese government has refused involvement.[20]
India
Officials in the Indian government have alleged that attacks on Indian government networks, such as that of the Indian National Security Council, have originated in China. According to the government, Chinese hackers are experts in operating up botnets.[21]Fears of Chinese cyberespionage have resulted in the blocking of deals with Chinese telecoms, like Huawei, due to their ties with the Chinese military.[21]
United States
The United States has accused the People's Republic of China of
implementing cyberwarfare and cyberespionage against American interests,
accessing the networks of important military, commercial, research, and
industrial organisations. A Congress advisory group has declared China
"the single greatest risk to the security of American technologies"[22]
and that "there has been a marked increase in cyber intrusions
originating in China and targeting U.S. government and defense-related
computer systems".[22] According to the Washington Post,
China allegedly manipulates security exploits existing in websites,
sending out hijacked email attachments with malicious software.
Intrusion is especially worrying since the intruder can control the
hijacked computer from a remote location, with the ability to steal
important files, monitor the user's activity, and read the user's email.[23]
Users are typically unaware that they are being spied; the infected
attachment is disguised as a mundane topic from a familiar contact,
fooling the user into unwittingly setting off a program that silently
infects the person's computer.[24] Traces of the malware are hidden by rootkits, which prevent the person from being aware that data is being stolen.[24]In January 2010, Google reported on targeted attacks on its corporate infrastructure originating from China "that resulted in the theft of intellectual property from Google". Apparently, the Gmail accounts of two human rights activists were compromised in the raid on Google's password system.[25]
American security experts connected the Google attack to various other
political and corporate espionage efforts originating from China,
including espionage against military, commercial, research, and
industrial corporations. Obama administration officials have called the cyberattacks "an increasingly serious cyber threat to US critical industries".[23]
In addition to Google, at least 34 companies have been attacked. Reported cases include Northrop Grumman, Symantec, Yahoo, Dow Chemical, and Adobe Systems.[26]
Cyberespionage has been aimed at both commercial and military
interests, especially areas in which China lags. Technology companies
have claimed that China has sought out source code,[27]
along with general information on weapon systems, to develop the
software that China needs in both its economic and military pursuits.
The source code was stolen using vulnerabilities found in Adobe Reader, which the hackers used to spread malicious software.[27] Chinese cyberattacks
have emphasized what senior US Government officials have said is an
increasingly serious cyber threat to US critical industries.
China has denied accusations of cyberwarfare,[3] and has accused the United States of engaging in cyberwarfare against it, accusations which the United States denies.[4] Wang Baodong of the Chinese Embassy in the United States responded that the accusations are a result of sinophobic paranoia.[3]
He states that, "China would never do anything to harm sovereignty or
security of other countries. In conformity with such national policies,
the Chinese government has never employed, nor will it employ so-called
civilian hackers in collecting information or intelligence of other
countries. Allegations against China in this respect are totally
unwarranted, which only reflect the dark mentality of certain people who
always regard China as a threat."[3]Diplomatic cables
highlight US concerns that China is using access to Microsoft source
code and 'harvesting the talents of its private sector' to boost its
offensive and defensive capabilities.[28]
As of March 2013, high level discussions continued.[29]
Stuxnet
Although the vast majority of experts have concluded that the Stuxnet virus targeting Iran originated from Israel,[30][31][32] which is known to engage in cyberwarfare, American cyberwarfare expert Jeffrey Carr
has implicated China as one of the possible states where Stuxnet could
have originated. His rationale is that the countries Stuxnet targeted
happened to be rich in resources such as copper, gold, and iron ore,
that are especially important for China in a period of high economic
growth.[33]
However, China has also been a victim of the Stuxnet virus. The virus
has reportedly infected millions of computers in the nation, wreaking
much havoc, because the virus can control industrial machinery.[34]
IP hijacking
In late November 2010, a U.S. Defense Department spokesman said the department was aware that Internet traffic was rerouted briefly through China earlier in the year. The United States-China Economic and Security Review Commission charged in its annual report that state-owned China Telecom
advertised erroneous network routes that instructed "massive volumes"
of U.S. and other foreign Internet traffic to go through Chinese servers
during an 18-minute stretch on April 8. China's Foreign Ministry condemned the commission's report, while China Telecom separately denied the charge that it "hijacked" U.S. Internet traffic.[35]
0 Comments