China's Hack Headquarters?

Posted by Emmanuel at 9/06/2007 12:32:00 PM
You are undoubtedly familiar with the seemingly endless stories about the Chinese hacking into Western governments' computers. Hack Germany. Hack the United States. Hack Great Britain. Is this part of China's efforts at building up its "asymmetric warfare" capabilities? The principle behind this kind of warfare is to not confront opponents head-on in a conventional battle. China may be calculating that it would not fare very well against Western countries in a straight confrontation given its current military capabilities. Instead, determining the vulnerabilities of these countries' information infrastructure and undermining them in times of conflict may be a more cost-effective way to attack should things go sour in the future.

Perhaps you've read through the Unrestricted Warfare book that two Chinese colonels, Qiao Liang and Wang Xiangsui, published a few years back. It repeatedly mentions the possibilities for waging "electronic warfare" and "information warfare." Of course, there is no telling how much this publication informs Chinese military policy, but I would suggest there's a link. In any case, the Independent has a feature on the purported headquarters of all this hacking activity in the economically prosperous Chinese town of Guangzhou. [Cue up the Bond theme...]

Somewhere here in Guangzhou, the balmy capital of the booming southern province of Guangdong, a shadowy group of computer scientists is said to be hard at work under the supervision of the People's Liberation Army, waging cyber warfare on Western military and industrial targets.

Their fellow scientists in the dusty city of Lanzhou in northwestern China, not far from where the Chinese space mission is based, are also reportedly hacking into government files in Whitehall and the Pentagon.

It's hard to believe in the 30-degree-plus heat of Guangzhou, but this city has been named one of the epicentres of the Cold Cyber War. Instead of missiles pointing at capital cities, and huge standing armies facing each other across ideological divides and barbed-wire fences, the only weapons in this secret war are keyboards, some sharp minds and a lot of caffeine pills.

The experts tell of how cyber spies breach supposedly unbreachable firewalls as smoothly as a skilled jewel thief, before swooping on a hard drive, snatching the secret files, and sending them to a third country, usually somewhere in Asia such as South Korea or Hong Kong. Then they make good their escape, often leaving no trace of the raid.

The secret agents and operatives are bleary-eyed computer whizzkids, cranked on cigarettes and coffee as they snoop through computer networks at Western military bases, armaments companies and aerospace giants. They hang out in online chatrooms rather than barrack rooms or smoky bars in communist enclaves, but they are just as hard to track as their Cold War counterparts.

Their methods may be hi-tech but the strategy is ancient – Trojan Horse software developed by the PLA's computer whizzes, disguised as PowerPoint or Word programmes, which find their way into computer systems in the corridors of power of London, into the Foreign Ministry and other government departments, even into the House of Commons. They redirect the programmes via South Korean networks or Taiwanese servers to disguise where they came from.

"There's a huge amount of cyber warfare going on here aimed at gathering intelligence and probing networks. There is also a huge amount of cyber espionage to access information about intellectual property rights and trade matters," said one security expert who did not wish to be named.

The US House of Representatives has said that intelligence gained through cyber espionage has allowed China to copy many scientific and technological breakthroughs from the West.

And traditional espionage is also on the rise as global competition intensifies for new products. Defectors tell of plans to obtain hush-hush industrial information through operatives working at embassies, and post-graduate students or private individuals employed by companies for years. Pure John Le Carré territory.

At times, cyber espionage and good old-fashioned spying overlap – the greater use of laptop computers has led to more people having their secrets stolen from beside them on the evening train home or from their hotel room on business trips. German businessmen travelling to China with the Chancellor, Angela Merkel, were told to bring their computers with them during state banquets.

Cyber espionage costs British companies billions of pounds every year, not only in the direct effects of stolen secrets, but in the loss of competitive advantage. There have long been reports that China operates a web of operatives throughout Europe, who penetrate all levels of key industries. "As cyber warfare grows, so does cyber espionage. There have been significant advances in China but I still think China is playing catch-up on the West in this game – the West has a lot more to spend – just look at the Chinese military budget and compare it to the American spending on defence," said the analyst.

Chinese cyber warfare and cyber espionage have been in the news since the German magazine Der Spiegel ran a report about Chinese hackers breaking into IT systems in the Chancellery using Trojans – just as Ms Merkel's plane was touching down at Beijing airport.

The timing of the report was embarrassing for the Chinese government, forcing Premier Wen Jiabao to stress China's anti-hacker credentials and pledge that China would co-operate closely with Germany to prevent such activity.

"The Chinese government attaches great importance to the hacker attack on the German government networks," he said, promising "determined" and "forceful" measures to combat it.

The news of cyber warfare from China was followed by reports that cyber warriors had penetrated the computer systems of the Pentagon in June.

Computer security experts say the key to the success of the cyber wars was deniability. The cyber spies use third-party computers in other countries as a way of covering their tracks. There could easily be a Trojan Horse sitting on your computer, creating a network right now, without your knowledge.

News of a security compromise is normally confined to officials with high security clearance, and not for public consumption, which has made some commentators sceptical that the Government would ever reveal any information about security breaches, unless it had sound political reasons for doing so.

"Ultimately, if Whitehall's secret networks were accessed, then there was a weakness there, so we'll never know how deeply the security breach went because no government will ever reveal that kind of weakness.

"A lot of this is a kneejerk reaction. If the alarm system in your house was compromised and someone broke into your house, would you publicise it?" said a security analyst.

One internet commentator points out how the US controls the domain name system (DNS), and could do a lot of damage to China by simply removing the "cn" domain.

The webheads speculate about just how the hackers were tracked, given that the routes they took are supposedly untraceable. And they say that spammers and organised gangs using automated penetration tools are a much greater threat than the Chinese army.

Other security experts believe that China is as much a victim as it is a perpetrator in this conflict and that the Chinese are being scapegoated for what is a much wider problem.

Around 60 per cent of attacks on US national defence systems are said to emanate from within America itself, said the analyst. That leaves 40 per cent for the rest of the world, which means that it can't all be China.

Russians are no slouches when it comes to hacking. In May this year, Estonia's websites were the victims of the world's biggest online assault by cyber vigilantes from Russia. Government ministries, banks and newspapers had their websites jammed after Estonia caused offence by re-burying a Russian soldier from the Second World War.

"Every government does it and no government is beyond accusation. The manner in which these breaches were supposed to have been carried out shows it was extremely clever programming. And at the end of the day, totally deniable."

A Chinese Foreign Ministry spokesman, Jiang Yu, said the accusations were groundless and reflected a Cold War mentality. "China and the US are now devoted to constructive relations and co-operation. The bilateral military ties enjoy a sound momentum of development. Under this backdrop, some people make wild accusations against China, suggesting that the PLA made cyber raids against the Pentagon," said Jiang. "Hacking is a global issue and China is a frequent victim in this regard. China is ready to enhance co-operation with other countries including the US in countering internet crimes".

Since the 9/11 attacks on US targets, officials have become much more aware of cyber espionage and the growing threat of China has been noted. In 2003, a cyber espionage ring codenamed Titan Rain by US investigators was tracked to Guangdong province after a network break-in at Lockheed Martin.

Beijing is keen to match its growing economic strength with political and diplomatic influence in the Asian region, but regularly emphasises that the country is undergoing a "peaceful rise". China's defence budget has been increasing by double-digit percentages for several years, stepping up fear in self-ruled Taiwan, which Beijing sees as a renegade province, that China will invade if it ever tries to declare independence from the mainland.

At the National People's Congress in March, China said it would boost defence spending by 17.8 per cent, to £22bn, this year, though the US says the figure could reach £63bn.

Beijing points out that Washington spends £244bn a year on its military, not including Iraq and Afghanistan.

To some extent this is a form of asymmetric warfare, where countries which do not possess the same level of military power as their bigger enemies adopt dissimilar tactics to wage conflict. While China has 2.3 million soldiers, 800,000 reservists, and a People's Armed Police of 1.5 million, its military still lags that of many Western powers. So China's confronting Whitehall's and the Pentagon's IT installations is a way of undermining Western military might with clever computer hacking skills.

A key driver in the sudden interest in cyber warfare by the Americans was the confirmation in January this year that the Chinese had successfully shot down one of its own satellites. The test was criticised by the US, Japan, Canada and Australia and read as a sign that China was flexing its military muscle, a way of showing that it is capable of taking out spy satellites should the US follow up on its pledge to assist Taiwan in the event of a military escalation across the straits.

The test also came as a shock to military commanders in the West, a revelation about the level which Chinese technology had attained and they were surprised by the developments. If the reports are true of breaches in Whitehall, Berlin and the Pentagon, it is a sign that China's technological progress is taking place even faster than expected.