Category Archives: China Military PLA

China’s Hacking Of U.S. Remains A Top Concern : NPR

U.S officials have long complained about countries that systematically hack into U.S. computer networks to steal valuable data, but until recently they did not name names.

In the last few months, that has changed. China is now officially one of the cyber bad guys and probably the worst.

“We know and there’s good evidence … of very deliberate, focused cyber espionage to capture very valuable research and development information, or innovative ideas, or source code or business plans for their own advantage,” says Mike McConnell, a former director of national intelligence and before that the director of the National Security Agency.

It’s the Chinese he’s talking about, though other countries also engage in cyber espionage to gain a competitive edge. Russia, for example, but China stands out as especially aggressive.

“China does not care what other people think,” says Richard Bejtlich, the chief security officer at MANDIANT, a company that helps firms deal with cyber intrusions. “Culturally they are very interested in being seen as responsible, but when it comes to their actual work on the ground; if you try kicking them out of your network on a Friday, they’re back on a Monday.”

The increased willingness of the U.S. government to point a finger at the Chinese dates from an official report released last October that identified them “as the world’s most active and persistent perpetrators of economic espionage.”

via China’s Hacking Of U.S. Remains A Top Concern : NPR.


Are Chinese Telecoms acting as the ears for the Sri Lankan government?

The title is inspired by the article Are Chinese Telecoms Acting as the Ears for Central Asian Authoritarians? published in Eurasianet.org, examining the probable role of Chinese telecoms firms, notably Huawei and ZTE, in espionage and surveillance. The article notes that both ZTE and Huawei have signed contracts worth tens of millions of US dollars with governments in Central Asia, not known for their democratic credentials. The article also flags an on-going US congressional committee probe into the two companies in particular, and how the telecoms products (like USB dongles) and possibly even services  (including underlying network technologies and infrastructure) aid espionage. As the article avers,

via Are Chinese Telecoms acting as the ears for the Sri Lankan government? – Groundviews.


Hacked: How China is stealing Americas business secrets

Sen. John Kerry is fed up with Chinas penchant for looting technology from U.S. businesses — up to $400 billion worth of data each year. When will it stop?POSTED ON FEBRUARY 16, 2012, AT 3:52 PMChinese gamers at an internet cafe: Sen. John Kerry D-Mass. says Chinese hackers are illegally stealing business secrets from American firms. Photo: Imaginechina/Corbis SEE ALL 54 PHOTOSChinese Vice President Xi Jinping, slated to be the next leader of the worlds most populous nation, is getting an earful from U.S. officials over Chinas shady business practices. During Xis first official tour of the U.S. this week, Sen. John Kerry D-Mass. accused a Chinese company of bankrupting a U.S. competitor by ransacking its software. And thats just the tip of the iceberg, alleges Kerry, implicating China in “cyber-attacks, access-to-market issues, espionage [and] theft.” And, indeed, a flurry of recent reports indicate that Chinese hackers, backed by the government, are stealing business secrets from the U.S. Here, a guide:

via Hacked: How China is stealing Americas business secrets – The Week.


PLA “Online Blue Army” gets ready for cyber warfare

Defense Ministry spokesman Geng Yansheng hosts the ministry’s second regular press conference in Beijing, May 25, 2011. [Photo/China Daily, mod.gov.cn]

The People’s Liberation Army (PLA) confirmed in May 2011 that it has established an “Online Blue Army” to improve China’s defense capability and ensure the security of the country’s military network. The announcement drew close attention from military watchers and experts worldwide.

Zhang Shaozhong, a military expert and a professor from PLA National Defense University, told the People’s Daily that China is increasingly dependent on the Internet, but makes no domestic root servers, and various other types of software and Internet hardware are U.S. made. In this sense, China can be described as merely a computer user with a fairly fragile Internet security system. These are circumstances that cry out for the build up of Internet security forces.

Throughout 2010, 480,000 Trojans viruses and 13,782 Zombie viruses were detected, with 221,000 Trojan and 6,531 Zombie remote control clients found to originate in foreign countries.

via PLA “Online Blue Army” gets ready for cyber warfare – Headlines, features, photo and videos from ecns.cn.


“Cyber China” From Operation Aurora to China Cyber attacks Syndrome | Security Affairs

When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threats to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are beginning to gather on the real technological capabilities of China.

It certainly has a high potential for cyber offensive but its quality is really arguable. China has the most extensive cyber-warfare capabilities. It began to implement an Information Warfare strategy in 1995 conducting a huge quantity of exercises in which computer viruses have been used to interrupt military and private communications. In 2000, China established a strategic Information Warfare unit, Net Force, which is responsible for “wage combat through computer networks to manipulate enemy information systems spanning spare parts deliveries to fire control and guid ance systems.” Today The PLA GSD Third Department and Fourth Departments are considered to be the two largest players in China‘s burgeoning cyber-infrastructure.  In November 2011, Desmond Ball, a professor in the Strategic and Defense Studies Centre at Australia’s National University argues that the Chinese offensive capabilities today are pretty limited and he has also declared that the internal security has a bunch of vulnerabilities.

via “Cyber China” From Operation Aurora to China Cyber attacks Syndrome | Security Affairs.


Cyber Revenge Against Japan?

The world has grown wearily accustomed to the concept of cyberspace being mankind’s newest battleground. So while the Japanese defence establishment was understandably unsettled by the recent cyber attacks against arms company Mitsubishi Heavy Industries (MHI)—which first occurred in August but were only disclosed this week—the phenomenon will have struck governments and corporations that have experienced similar attacks as nothing particularly new.

The specifics of the attack on MHI and other Japanese entities remain unclear. While the Japanese media has attempted to trace the attack back to China—the usual suspect in these cases—its origin has not been publicly confirmed. Certainly, Beijing denied that it was involved, as it always does, despite admitting earlier this year to the existence of a PLA cyber warfare unit known as the Blue Army.

via Cyber Revenge Against Japan? | Flashpoints.


Mitsubishi Heavy Industries Hacked: Japan Defense Industry’s First Cyberattack

TOKYO (Reuters) – Japan’s biggest defense contractor, Mitsubishi Heavy Industries Ltd, said on Monday hackers had gained access to its computers, with one newspaper saying its submarine, missile and nuclear power plant component factories had been the target.

The company said in a statement that some information could have been stolen in the first known cyber attack on Japan’s defense industry.

“We’ve found out that some system information such as IP addresses have been leaked and that’s creepy enough,” said a Mitsubishi Heavy spokesman.

via Mitsubishi Heavy Industries Hacked: Japan Defense Industry’s First Cyberattack.


China Caught With Evidence of Cyberwarfare Against U.S. | TheBlaze.com

It was supposed to be just another piece of Chinese propaganda. It ended up as a major “oops,” revealing that a Chinese military university is engaged in cyberwarfare against the U.S.

The Epoch Times reports that the film, screened in mid-July, included a screenshot that it calls a “damaging revelation.” Here’s the screenshot:

 

 

And here‘s why it’s so damaging, according to the Times:

The screenshots appear as B-roll footage in the documentary for six seconds—between 11:04 and 11:10 minutes—showing custom-built Chinese software apparently launching a cyber-attack against the main website of the Falun Gong spiritual practice, by using a compromised IP address belonging to a United States university.

via China Caught With Evidence of Cyberwarfare Against U.S. | TheBlaze.com.


China-Based Spies Said to Be Behind Hacking of IMF in Investigators’ View

Investigators probing the recent ransacking of International Monetary Fund computers have concluded the attack was carried out by cyber spies connected to China, according to two people close to the investigation.

Computer specialists have spent several weeks piecing together information about the attack, which the IMF disclosed on June 8.

Evidence pointing to China includes an analysis of the attack methods, as well as the electronic trail left by hackers as they removed large quantities of documents from the IMF’s computers. The multistaged attack, which used U.S.-based servers as part of their equipment, ended on May 31, people involved in the investigation said on the condition they not be identified because they aren’t authorized to speak about it.

Their conclusion is likely to be a major test for the new IMF chief,Christine Lagarde, who this month appointed Chinese economist Zhu Min as deputy managing director, giving China a much expanded role in the institution.

“There are some very big questions about the role that China wants to play in the global economic system and what role it can play given some of its behavior,” said C. Fred Bergsten, who heads the Washington-based Peterson Institute for International Economics.

The timing of the attack and China’s lobbying for more influence at the Fund appear to overlap, creating a potentially embarrassing situation for China among the IMF’s 186 other members, including the U.S.

Scope of Attack

IMF officials have said little publicly about the scope of the attack or its origins, citing the on-going nature of the investigation, which involves outside forensics experts and the fund’s own information-technology team.

Yesterday, David Hawley, an IMF spokesman, said the investigation was not yet complete. “We’re continuing to investigate what happened and assess” what was taken, he said.

William Murray, another IMF spokesman, declined to comment on the source of the attack.

Wang Baodong, a spokesman for the Chinese embassy in Washington, said in an e-mail that hacking is “an international issue” affecting dozens of countries and “willfully relating such cases with China is irresponsible.”

People familiar with the incident said that the hackers were able to download a large quantity of documents from dozens of computers on the IMF’s network, which was first infected when an employee downloaded a file containing a piece of sophisticated spying software that quickly spread.

Internal IMF e-mails obtained by Bloomberg News suggest fund officials completed an inventory of those documents by the middle of July, including an “operational impact assessment.” The results have not been made public.

IMF Internal E-Mails

In an internal e-mail sent to staff, Patrick Hinderdael, the IMF’s adviser to the chief information officer, said the attack occurred in at least two phases, and that no activity by the hackers has been detected since the end of May. In the first phase, the attackers grabbed “a general sweep” of recent files then returned for a second wave of downloads, Hinderdael said.

Hackers have learned to use sophisticated methods to hide their identities, including hijacking servers in other countries to launch an attack. Forensics specialists have similarly advanced techniques to cut through the fog. Those include analyzing the code left behind in networks and tracing patterns in multiple attacks that may use the same infrastructure.

Dominique Strauss-Kahn, the head of the IMF, was arrested in New York City on sexual assault charges on May 14 and resigned four days later, setting off an international search for a new director including demands by emerging economies that one of their own lead the fund. Lagarde, the former French finance minister, was appointed to fill the position beginning July 5.

Lagarde’s Cyber Experience

Lagarde has had experience with similar cyber attacks. In March, the French finance ministrysaid its computer network had been hacked and that documents related the French presidency of the G-20 were stolen. The magazine Paris Match quoted a French official saying the information was redirected to servers in China.

Google Inc. (GOOG) has said its computers were attacked by Chinese-based hackers in late 2009, along with the networks of at least 20 other companies. According to diplomatic cables posted by the website WikiLeaks, U.S. defense and intelligence officials have documented the operations of sophisticated cyber spies operating from China over several years.

“As an intelligence professional, I stand back in absolute awe and wonderment at the Chinese espionage effort against the United States of America,” Gen. Michael Hayden, the former CIA director, said at cyber security conference last year. “It is magnificent in its breath, its depth and its efficiency.”

China’s Clout

China, which is driving global economic growth, has been gaining clout in international organizations. In 2008 Justin Lin, a Taiwan-born scholar who defected to China, became the first World Bank chief economist from outside Europe and Lagarde created a new position for Zhu at the IMF, giving China access to a top management post for the first time.

A few months earlier, China obtained the third-largest voting share at the fund after the 187 member countries agreed to better reflect the growing weight of emerging markets in the world’s economy.

China needs to decide whether it will be a cooperative global power or pursue national interests that can be disruptive, Bergsten said.

“The cyber security issue is a very big part of that but it’s only part of a broader mosaic,” he said.

Global Cornerstone

The IMF is a cornerstone institution in the global economic system, managing financial crises around the world. The fund’s computers are likely to contain confidential documents on the fiscal health of many countries.

“The IMF holds some of most valuable data anywhere,” said Josh Shaul, chief technology officer with Application Security, Inc., a cyber security firm based in New York City, NY.

The financial status of countries is critical information for major nation-state investors or holders of sovereign debt, he said.

Hinderdael said in an e-mail to IMF staff that the attack was not related to identity theft or commercial fraud, another indication the intruders weren’t ordinary cyber thieves.

“According to our experts’ assessment, the information contained in our e-mail, document management, human resource, and financial systems has not been compromised,” Hinderdael said in the e-mail.

via China-Based Spies Said to Be Behind Hacking of IMF in Investigators’ View – Bloomberg.


U.S. China face vast divide on cyber issues | Reuters

Two super powers have opposing views as to what shape security on the Internet should take!

WASHINGTON – For two years, academic experts from the United States and China have quietly held talks on cyber-security, straining to establish rules of the road in a realm that has proven a persistent irritant between the world’s two largest economies.

The informal discussions have yielded modest progress in areas such as cooperation to combat Internet fraud, where both Beijing and Washington have an incentive to work together, according to participants.

Click to Enlarge
AFP/Getty Images
Chinese anti-terrorism police undergo a drill in Suining, southwest China’s Sichuan province. After setting up its own cyber-warfare team, China’s military has now developed its first online war game aimed at improving combat skills and battle awareness, state press said. China and the U.S. have contrasting views on cyber security. Photo: Getty Images

China’s contrasting view of cyber security was made clear as soon as the United States began discussing the need to protect computer networks, James Mulvenon, a China expert at the Defense Group Inc, told a recent Washington conference.

China wanted to talk about censorship “The Chinese came back immediately and said no, no, no, we want to talk about information security, which is both protecting the network and policing the content on the network,” Mulvenon said.

“Right from the outset, we were talking past one another,” he asaid.

Digital attacks and cyber snooping on U.S. technology firms and government agencies including the Pentagon, many of them believed to have originated in or been routed through China, have pushed cyber-security up the list of thorny issues troubling Sino-American relations.

While Beijing denies it, U.S. officials and experts suspect China’s hand was behind the hacking and phishing of web-search giant Google Inc. this year and last, as well as intrusions into Pentagon networks.

On Thursday, the Pentagon is due to release its formal cyber-security strategy.

Unlike nuclear, chemical and biological weaponry, or trade wars, there are no existing international treaties that cover cyber-war, computer espionage or hacking.

Former Secretary of State Henry Kissinger, an architect of the U.S. opening with China in the 1970s, told a Thomson Reuters event last month that a high-level agreement between the two sides is needed. “If you take it case by case it will lead to accusations and counter-accusations,” he said.

But so far, there has been relatively little official movement.

The annual cabinet-level U.S.-China Strategic and Economic Dialogue included cyber security for the first time this year, but the session was just 90 minutes long, cut in half by translation and produced no breakthroughs.

The unofficial talks between experts began after China approached the United States with concerns that hacker intrusions were stoking bilateral tension, said James Lewis, a cybersecurity expert who leads the U.S. side of the talks.

The U.S. group and experts from the state-affiliated China Institutes of Contemporary International Relations have covered four areas: law enforcement, trade, military issues and espionage.

Five group meetings and three smaller informal meetings have made headway in the law enforcement area, said Lewis, of the Center for Strategic and International Studies, a Washington think tank.

In one instance, the FBI helped China’s law enforcement agencies by staging raids in New York on Chinese in the United States who were defrauding people back home, he said.

“It’s slow, but I think there’s a little bit of progress,” said Lewis, adding that the goal is to eventually hand the conversations over to official negotiating teams.

But the military and espionage tracks have been hard going, highlighting what analysts say is a huge U.S.-China perception gap over values, capabilities, interests – and even basic definitions of deterrence and cyber security.

Analysts say China’s People’s Liberation Army believes its ability to attack U.S. cyber infrastructure compensates for its conventional military weakness compared to the United States.

“I’m quite skeptical of the likelihood that any effective understanding of offensive operations can be reached with the Chinese government,” said Stewart Baker, a former U.S. Department of Homeland Security official, now at the law firm Steptoe & Johnson.

China’s eagerness to acquire foreign technology also has inspired cyber intrusions that anger trade partners.

Hackers based in China have been accused of trying to steal everything from Google’s valuable search algorithm to manuals for U.S. satellites to gigabytes of proprietary business information from Western energy companies.

But China’s spymasters, paradoxically for a centrally controlled government, do not keep a tight leash on hackers and others that they train, said Lewis, whose group will hold its next round of unofficial cyber-security talks later this year.

Lewis said he was skeptical that Beijing was directing the high-value intellectual property theft or could stop it.

“They do train people and they do use proxies but that doesn’t mean that everyone is under their control,” he said.

Even if the United States could verify that China was behind malicious cyber activity and Beijing had the capacity to rein it in, negotiations toward a cyber treaty might require concessions Washington would be loathe to put on the table.

Jack Goldsmith, an international law and cyber-security expert at Harvard Law School, says China and other countries would likely demand U.S. restraint in areas such as intelligence gathering and encouraging political activists who challenge curbs on Internet freedom.

“Until the United States gets serious about which concessions that are attractive to our adversaries it is willing and able to make, American talk of a cyber-arms agreement is empty,” Goldsmith wrote recently.

via telegraphjournal.com – U.S., China face vast divide on cyber issues | Reuters – Breaking News, New Brunswick, Canada.