Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

China’s Cyber Threat Growing

China is directing “the single largest, most intensive foreign intelligence gathering effort since the Cold War” against the United States, according to a report released yesterday by Medius Research.

China is directing “the single largest, most intensive foreign intelligence gathering effort since the Cold War” against the United States, according to a report released yesterday by Medius Research.

China Cyber AttacksThe report, sponsored by progressive political organization Patriot Majority, traces a 15-year pattern of events that was triggered by China’s “humiliation” during the 1995-96 Taiwan crisis, when two U.S. task forces sailed unchallenged into the Taiwan Strait, and culminated in several highly publicized cyber attacks in early 2010, which the report attributes to China.

Circumstantial Evidence, but No Smoking Gun

The report is an in-depth compilation and analysis of material that is publicly available or was obtained from government on background. Although it provides no evidence of a smoking gun that would conclusively implicate the Chinese government in cyber espionage, the report’s lead investigator Richard Parker states, “I believe it’s there, and I believe it’s classified.”

There is a substantial body of circumstantial evidence:

• Intelligence gathering “is a core mission of the People’s Liberation Army (PLA).” This is substantiated by numerous PLA documents, including one that described “seizing control of an adversary’s information flow as a prerequisite to air and naval superiority.”

• China is investing in the resources needed for “building an informationalized force and winning an informationalized war,” including a 1,100 person cyber operation with a submarine cave entrance worthy of a James Bond film, all hidden beneath the white sands and villages of Hainan Island, a popular tourist destination.

• The relationship between Chinese hackers and the Chinese government is “blurred.” In 2001, for example, hackers defaced the web sites of several U.S. federal agencies after a Chinese pilot was killed in an encounter with a U.S. reconnaissance aircraft in an incident that provoked a formal U.S. apology. According to the report, U.S. intelligence officials believe that the hack “had the ‘tacit blessing’ of the Chinese government and perhaps even official help.”

Is This War? China Cyber Threats

A recent article in FederalTimes.com puts the cost of Chinese cyber attacks against the Department of Defense at more than $100 million dollars for the first half of 2009 alone, but the Medius report is careful to characterize alleged Chinese activities as espionage, not war. When asked to comment on former Director of National Intelligence Mike McConnell’s widely quoted assertion that “the United States is fighting a cyberwar,” Patriot Majority President Craig Varoga said, “The point is not to focus on the words, but the potential threat. [This threat] has not leaped to the forefront of American consciousness and policy making where it should be. We don’t want to wait until there’s a crisis to begin this discussion.”

Advertisement. Scroll to continue reading.

Private Sector Dilemma

Lead investigator Parker believes one of the trickiest issues raised by the report is what the role of government should play in addressing private vulnerabilities. “We don’t want taxpayers subsidizing corporate IT security, but this is a national problem and we can’t simply say that we’re only going to product the government’s infrastructure.”

Related Content: Defining and Debating Cyber Warfare 

Related Content: “Smart” Power Grids a Prime Target in Cyberwarfare

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.