China & West in Midst of ‘Cyber War’
Chinese computer hackers can cripple America as sure as any ‘terrorist attacks’
By Richard Walker
Since 2003, Chinese military hackers have been causing havoc in the computer networks of some of America’s most secure military and nuclear centers. It is now believed terrorists can also see the value in launching cyber attacks against U.S. computer systems.
The Chinese threat from cyberspace has developed at an alarming rate and for the Chinese military and intelligence services it has proved the most cost-effective way of stealing our nuclear, industrial and defense secrets.
In the past five years Chinese hackers, under the guidance of the People’s Liberation Army (PLA) cyber-warfare branch, have penetrated systems at the Pentagon and, more importantly, at Sandia Laboratories, the heart of America’s nuclear research and design facilities. They have also been detected inside computers at jet propulsion centers and within our space program.
When it was first discovered (about 2003) they were traveling through secure U.S. networks, carefully selecting classified data, the FBI gave them the title “Titan Rain.” More recently that name has been scrapped and they have been accorded another name that remains classified. Unlike regular hackers, they work with speed and precision that indicates they are highly trained to search for specific types of information, while leaving little trace of their presence. It has taken considerable time and effort by computer experts within the U.S. military, Navy and intelligence community to track their movements.
It appears they use service providers in places like Hong Kong, South Korea and Eastern Europe in order to hide their identity and their true place of origin.
Nevertheless, U.S. trackers all agree that the information they have been stealing finds its way to computer centers run by the PLA in mainland China. The sheer scale of their activities indicates that the Chinese military has not only developed an advanced cyber capability but is shaping it into a weaponized form. Someday, it may be used to mount attacks against the banking systems of this country or other major parts of our infrastructure, which are increasingly driven by technology and ultimately rely on the Internet.
In the past two years, our allies have been targeted too. The British Foreign Office email system came under attack, as did parts of the defense structure. Germany and France have also been the subject of periodic probing attempts by the Chinese to test the security of their networks. All of this has forced the United States and its NATO partners to seriously rethink the nature of modern warfare and to accept that future attacks from cyberspace could create as much economic damage as a major terrorist event.
For example, if cyber attacks were to shut down the U.S. banking system or airline computers the damage to the U.S. economy would be enormous. There is also a real threat that Chinese military hackers could disable America’s defense networks in a time of war.
There was a stark reminder of the threat from hackers when Estonia, a small East European country that was once part of the Soviet empire, was crippled by Internet attacks in April 2007. The attacks began after ethnic Russians, and their supporters within Russia, were angered by the removal of a Soviet-era military monument in the center of the Estonian capital, Tallin.
For Estonians the statue was a constant reminder of a once brutal Soviet rule, but for ethnic Russians and hard-liners in Moscow it was “blasphemy” to remove it.
The episode sparked rioting followed by cyber attacks that shut down major Estonian government websites, as well as banks and broadcast outlets. Estonia appealed to NATO for assistance and got it— but not before it had become evident the attacks were well coordinated. There were claims the masterminds were Russian military hackers, but that was never proven. What did emerge was that most of the attacks were carried out by groups of young ethnic Russians in Estonia and hackers in Russia.
For the U.S. and NATO, it was a wake-up call and a sober reminder that if highly motivated groups could carry out successful attacks against Estonia, which had highly developed computer systems, what could a determined enemy like China or al Qaeda do? Following the Estonia attacks, NATO’s Computer Incident Response Capability Coordination Center was put on high alert and told to be ready to fend off the next attack against a friend or ally on the European continent.
On March 6, 2008, NATO cyber-boss, Suleyman Anil, told hi-tech experts in London that cyber tools have become dangerous weapons we can no longer ignore. He admitted he was especially worried that rogue states and terrorists would see a high value in developing cyber skills because they were cheap to acquire and just as devastating as conventional weapons.
“Cyber war can become a very effective global problem because it is low risk, low cost, highly effective and easily globally deployable. It is an ideal weapon that nobody can ignore,” he warned.
He further stressed the need for the west to strengthen its cyber defenses because they were highly vulnerable. His comments were not lost on the UN, which is due to introduce a doctrine citing that a cyber attack against a member state will be judged an attack against all UN states. Such a move is not expected to change the dynamics of the emerging cyber threat to the U.S. and NATO or to prevent the Chinese continuing to penetrate U.S. defense networks.
Last year, there were attacks from Chinese military hackers on the Pentagon’s computers and also on defense computers in Germany, India and Australia.
The threat of cyber attacks of a more crippling nature on the U.S. economy has forced defense analysts to think of cyber war in the same ways they think of other forms of warfare. As a consequence, there is an emerging doctrine in Washington, which will soon be applied by America’s allies, that a major cyber assault should be accorded the same response as a major conventional attack. In other words, a devastating cyber attack launched from China in the future could see America’s cyber warriors swing into action. Alternatively, America’s military could launch a conventional strike against China’s military or economic infrastructure, exchanging a cyber bomb for a conventional bomb.
On the horizon there is a new cyber threat that concerns the U.S. and its European allies. Intelligence experts in Washington and London have been aware for some time that al-Qaeda has been developing a cyber capability to go hand in hand with major terrorist attacks. The real fear is that an al-Qaeda suicide attack on the subway systems in New York or London could be launched in tandem with a cyber attack on computer networks dealing with emergency response, thus causing untold chaos in the midst of carnage.
For al-Qaeda, cyber weapons are cheap to acquire and difficult to detect. An advantage for the terrorists is that some of the most advanced computer hackers in the world are from India and Pakistan, countries with large Muslim populations.
Richard Walker is the nom de plume of a former mainstream news producer and best selling co-author now writing for AFP.
(Issue # 13, March 31, 2008)