Cyberwarfare in the People's Republic of China
Encyclopedia
The nature of Cyberwarfare in the People's Republic of China is difficult to assess. Government officials in India and the United States have traced various attacks on corporate and infrastructure computer systems in their countries to computers in the People's Republic of China
. However, "It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace." China has denied accusations of cyberwarfare, and has accused the United States of engaging in cyberwarfare against it
, which the US government denies...
While China has long been suspected of cyber spying
, on 24 May 2011 the PLA announced the existence of their cyber security squad.
In January 2010, Google reported on targeted attacks on its corporate infrastructure
originating from China "that resulted in the theft of intellectual property from Google". Apparently, the Gmail
accounts of two human rights activists were compromised in the raid on Google's password system. American security experts connected the Google attack to various other political and corporate espionage efforts originating from China, including espionage against military, commercial, research, and industrial corporations. Obama administration officials have called the cyberattacks "an increasingly serious cyber threat to US critical industries".
In addition to Google, at least 34 companies have been attacked. Reported cases include: Northrop Grumman
, Symantec
, Yahoo, Dow Chemical, and Adobe Systems
. Cyberespionage has been aimed at both commercial and military interests, especially areas in which China lags. Technology companies have claimed that China has sought out source code, along with general information on weapon systems, to develop the software that China needs in both its economic and military pursuits. The source code was stolen using vulnerabilities found in Adobe Reader, which the hackers used to spread malicious software.
Chinese cyberattacks
have emphasised what senior US Government officials have said is an increasingly serious cyber threat to US critical industries.
China has denied accusations of cyberwarfare, and has accused the United States of engaging in cyberwarfare against it
, accusations which the United States denies. Wang Baodong of the Chinese Embassy in the United States responded that the accusations are a result of sinophobic
paranoia. He states that, "China would never do anything to harm sovereignty or security of other countries. In conformity with such national policies, the Chinese government has never employed, nor will it employ so-called civilian hackers in collecting information or intelligence of other countries. Allegations against China in this respect are totally unwarranted, which only reflect the dark mentality of certain people who always regard China as a threat."
Diplomatic cables highlight US concerns that China is using access to Microsoft source code and 'harvesting the talents of its private sector' to boost its offensive and defensive capabilities.
have alleged that attacks on Indian government networks, such as that of the Indian National Security Council
, have originated in China. According to the government, Chinese hackers are experts in operating up botnet
s.
Fears of Chinese cyberespionage have resulted in the blocking of deals with Chinese telecoms, like Huawei
, due to their ties with the Chinese military.
claim that Chinese hackers have comprised several departments within the federal government in early 2011
, though the Chinese government has refused involvement.
virus targeting Iran originated from Israel
, which is known to engage in cyberwarfare, American cyberwarfare expert Jeffrey Carr
has implicated China as one of the possible states where Stuxnet could have originated. His rationale is that the countries Stuxnet targeted happened to be rich in resources such as copper, gold, and iron ore, that are especially important for China in a period of high economic growth. However, China has also been a victim of the Stuxnet virus. The virus has reportedly infected millions of computers in the nation, wreaking much havoc, because the virus can control industrial machinery.
2010, a U.S. Defense Department
spokesman said the department was aware that Internet traffic was rerouted
briefly through China earlier in the year. The United States-China Economic and Security Review Commission
charged in its annual report that state-owned China Telecom
advertised erroneous network routes that instructed "massive volumes" of U.S. and other foreign Internet traffic to go through Chinese servers during an 18-minute stretch on April 8. China
's Foreign Ministry
condemned the commission's report, while China Telecom separately denied the charge that it "hijacked" U.S. Internet traffic.
People's Republic of China
China , officially the People's Republic of China , is the most populous country in the world, with over 1.3 billion citizens. Located in East Asia, the country covers approximately 9.6 million square kilometres...
. However, "It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace." China has denied accusations of cyberwarfare, and has accused the United States of engaging in cyberwarfare against it
Cyberwarfare in the United States
Cyberwarfare in the United States is the United States Cyber Commands military strategy of proactive cyber defence and the use of cyberwarfare as a platform for attack. The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat...
, which the US government denies...
Organization
Washington-based analyst James Mulvenon says that the organization of Chinese operations in cyberwarfare is very clandestine and decentralised, organized around a constantly changing hybrid of official, civilian, and semi-civilian groups. Nationalist groups, he says, such as "patriotic hacker associations", are often used as "foot soldiers" or "proxies".While China has long been suspected of cyber spying
Cyber spying
Cyber spying or Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the information , from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using illegal exploitation methods on...
, on 24 May 2011 the PLA announced the existence of their cyber security squad.
United States
The United States has accused the People's Republic of China of implementing cyberwarfare and cyberespionage against American interests, accessing the networks of important military, commercial, research, and industrial organisations. A Congress advisory group has declared China "the single greatest risk to the security of American technologies" and that "there has been a marked increase in cyber intrusions originating in China and targeting U.S. government and defense-related computer systems". According to the Washington Post, China allegedly manipulates security exploits existing in websites, sending out hijacked email attachments with malicious software. Intrusion is especially worrying since the intruder can control the hijacked computer from a remote location, with the ability to steal important files, monitor the user's activity, and read the user's email. Users are typically unaware that they are being spied; the infected attachment is disguised as a mundane topic from a familiar contact, fooling the user into unwittingly setting off a program that silently infects the person's computer. Traces of the malware are hidden by rootkits, which prevent the person from being aware that data is being stolen.In January 2010, Google reported on targeted attacks on its corporate infrastructure
Operation Aurora
Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China...
originating from China "that resulted in the theft of intellectual property from Google". Apparently, the Gmail
Gmail
Gmail is a free, advertising-supported email service provided by Google. Users may access Gmail as secure webmail, as well via POP3 or IMAP protocols. Gmail was launched as an invitation-only beta release on April 1, 2004 and it became available to the general public on February 7, 2007, though...
accounts of two human rights activists were compromised in the raid on Google's password system. American security experts connected the Google attack to various other political and corporate espionage efforts originating from China, including espionage against military, commercial, research, and industrial corporations. Obama administration officials have called the cyberattacks "an increasingly serious cyber threat to US critical industries".
In addition to Google, at least 34 companies have been attacked. Reported cases include: Northrop Grumman
Northrop Grumman
Northrop Grumman Corporation is an American global aerospace and defense technology company formed by the 1994 purchase of Grumman by Northrop. The company was the fourth-largest defense contractor in the world as of 2010, and the largest builder of naval vessels. Northrop Grumman employs over...
, Symantec
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...
, Yahoo, Dow Chemical, and Adobe Systems
Adobe Systems
Adobe Systems Incorporated is an American computer software company founded in 1982 and headquartered in San Jose, California, United States...
. Cyberespionage has been aimed at both commercial and military interests, especially areas in which China lags. Technology companies have claimed that China has sought out source code, along with general information on weapon systems, to develop the software that China needs in both its economic and military pursuits. The source code was stolen using vulnerabilities found in Adobe Reader, which the hackers used to spread malicious software.
Chinese cyberattacks
Operation Aurora
Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China...
have emphasised what senior US Government officials have said is an increasingly serious cyber threat to US critical industries.
China has denied accusations of cyberwarfare, and has accused the United States of engaging in cyberwarfare against it
Cyberwarfare in the United States
Cyberwarfare in the United States is the United States Cyber Commands military strategy of proactive cyber defence and the use of cyberwarfare as a platform for attack. The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat...
, accusations which the United States denies. Wang Baodong of the Chinese Embassy in the United States responded that the accusations are a result of sinophobic
Sinophobia
Sinophobia or anti-Chinese sentiment is the fear of or dislike of China, its people, overseas Chinese, or Chinese Culture...
paranoia. He states that, "China would never do anything to harm sovereignty or security of other countries. In conformity with such national policies, the Chinese government has never employed, nor will it employ so-called civilian hackers in collecting information or intelligence of other countries. Allegations against China in this respect are totally unwarranted, which only reflect the dark mentality of certain people who always regard China as a threat."
Diplomatic cables highlight US concerns that China is using access to Microsoft source code and 'harvesting the talents of its private sector' to boost its offensive and defensive capabilities.
India
Officials in the Indian governmentGovernment of India
The Government of India, officially known as the Union Government, and also known as the Central Government, was established by the Constitution of India, and is the governing authority of the union of 28 states and seven union territories, collectively called the Republic of India...
have alleged that attacks on Indian government networks, such as that of the Indian National Security Council
National Security Council (India)
The National Security Council of India is the apex agency looking into the political, economic, energy and strategic security concerns of India...
, have originated in China. According to the government, Chinese hackers are experts in operating up botnet
Botnet
A botnet is a collection of compromised computers connected to the Internet. Termed "bots," they are generally used for malicious purposes. When a computer becomes compromised, it becomes a part of a botnet...
s.
Fears of Chinese cyberespionage have resulted in the blocking of deals with Chinese telecoms, like Huawei
Huawei
Huawei is a Chinese multinational networking and telecommunications equipment and services company headquartered in Shenzhen, Guangdong, China...
, due to their ties with the Chinese military.
Canada
Officials in the Canadian governmentGovernment of Canada
The Government of Canada, formally Her Majesty's Government, is the system whereby the federation of Canada is administered by a common authority; in Canadian English, the term can mean either the collective set of institutions or specifically the Queen-in-Council...
claim that Chinese hackers have comprised several departments within the federal government in early 2011
2011 Canadian government hackings
In February 2011, news sources revealed that the Government of Canada suffered cyber attacks by foreign hackers using IP addresses from China. The hackers managed to infiltrate three departments within the government and transmit classified information back to them...
, though the Chinese government has refused involvement.
Stuxnet
Although the vast majority of experts have concluded that the StuxnetStuxnet
Stuxnet is a computer worm discovered in June 2010. It initially spreads via Microsoft Windows, and targets Siemens industrial software and equipment...
virus targeting Iran originated from Israel
Israel
The State of Israel is a parliamentary republic located in the Middle East, along the eastern shore of the Mediterranean Sea...
, which is known to engage in cyberwarfare, American cyberwarfare expert Jeffrey Carr
Jeffrey Carr
Jeffrey Carr is a cybersecurity analyst and expert. He lives in Seattle Washington. He is founder and CEO of Taia Global inc. He is also the founder and principal investigator of Project Grey Goose, an open source investigation into cyber conflicts including the Russian cyber attacks on Georgia,...
has implicated China as one of the possible states where Stuxnet could have originated. His rationale is that the countries Stuxnet targeted happened to be rich in resources such as copper, gold, and iron ore, that are especially important for China in a period of high economic growth. However, China has also been a victim of the Stuxnet virus. The virus has reportedly infected millions of computers in the nation, wreaking much havoc, because the virus can control industrial machinery.
IP hijacking
In late NovemberNovember
November is the 11th month of the year in the Julian and Gregorian Calendars and one of four months with the length of 30 days. November was the ninth month of the ancient Roman calendar...
2010, a U.S. Defense Department
United States Department of Defense
The United States Department of Defense is the U.S...
spokesman said the department was aware that Internet traffic was rerouted
IP hijacking
IP hijacking is the illegitimate take over of groups of IP addresses by corrupting Internet routing tables....
briefly through China earlier in the year. The United States-China Economic and Security Review Commission
United States-China Economic and Security Review Commission
The United States-China Economic and Security Review Commission is a congressional commission of the United States government. Created through a congressional mandate in October 2000, it is responsible for monitoring and investigating national security and trade issues between the United States and...
charged in its annual report that state-owned China Telecom
China Telecom
China Telecom Corp. Ltd. is a Chinese state-owned telecommunication company. It is the largest fixed line service and 3rd largest mobile telecommunication provider in the People's Republic of China.-Sectors:...
advertised erroneous network routes that instructed "massive volumes" of U.S. and other foreign Internet traffic to go through Chinese servers during an 18-minute stretch on April 8. China
China
Chinese civilization may refer to:* China for more general discussion of the country.* Chinese culture* Greater China, the transnational community of ethnic Chinese.* History of China* Sinosphere, the area historically affected by Chinese culture...
's Foreign Ministry
Ministry of Foreign Affairs of the People's Republic of China
The Ministry of Foreign Affairs of the People's Republic of China is an executive agency responsible for foreign relations between the People's Republic of China and other countries in the world. The agency is led by the Foreign Minister. The current minister is Yang Jiechi...
condemned the commission's report, while China Telecom separately denied the charge that it "hijacked" U.S. Internet traffic.
See Also
- Operation AuroraOperation AuroraOperation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China...
- Operation Shady RATOperation Shady RATOperation Shady RAT is an ongoing series of cyber attacks starting in mid-2006 reported by Dmitri Alperovitch, Vice President of Threat Research at Internet security company McAfee in August 2011, who also led and named the Night Dragon and Operation Aurora cyberespionage intrusion investigations...
- 2011 Canadian government hackings2011 Canadian government hackingsIn February 2011, news sources revealed that the Government of Canada suffered cyber attacks by foreign hackers using IP addresses from China. The hackers managed to infiltrate three departments within the government and transmit classified information back to them...
- Google ChinaGoogle ChinaGoogle China is a subsidiary of Google, Inc., the world's largest Internet search engine company. Google China ranks as the number 2 search engine in the People's Republic of China, after Baidu...
- Honker Union
- Cyberwarfare
- Titan RainTitan RainTitan Rain was the designation given by the federal government of the United States to a series of coordinated attacks on American computer systems since 2003...
- GhostNetGhostNetGhostNet is the name given by researchers at the Information Warfare Monitor to a large-scale cyber spying operation discovered in March 2009. The operation is likely associated with an Advanced Persistent Threat...
- Chinese intelligence operations in the United StatesChinese intelligence operations in the United StatesThe People's Republic of China has and is currently using a widespread effort to acquire U.S. military technology and classified information. To fulfill its long-term military development goals, the PRC uses a variety of methods to obtain U.S. technology; including espionage, the exploitation of...
- Chinese intelligence activity in other countriesChinese intelligence activity in other countriesChinese intelligence is believed to be highly active outside of the People's Republic of China. China is the largest intelligence collector in the Netherlands, as well as in several other EU countries, and one of the top five intelligence collectors in the United States...