The document provides an overview of cyber conflict and the People's Republic of China. It discusses China's development of cyber capabilities, including establishing its Cyber Command in 2010. It also examines China's cyber espionage activities targeting governments and companies to obtain intellectual property and advance political and economic objectives. The document analyzes different Chinese state and non-state actors involved in cyber operations, including the Communist Party of China, People's Liberation Army, state-owned enterprises, and hacktivists.

1. Session ID:
Session Classification:
LtCol William Hagestad II
(RET)
Red Dragon Rising
HT-F42
Intermediate
Cyber Conflict &
The People's Republic of China
中
華
人
民
共
和
國
網
絡
代
碼
衝
突

3. Not War … Cyber Conflict
Commander of the Order of the British Empire
(CBE) &
Order of the British Empire (OBE)
Red-DragonRising.com©
Senior general to take charge of cyber-warfare
defences…20 DEC 2011 : The Independent
Foreign hackers 'putting UK firms out of
business‘… 24 OCT 2011 : The Telegraph
Ministry of Defence top secret systems
hacked, head of cyber security reveals…4 MAY
2012 : UK Mail Online…4 MAY 2012
What
Happened?

4. Cyber Security in the US…
December 22,
2009 – Mr.
Schmidt
appointed by
President
Obama…
17 months later
Mr. Schmidt
resigns…
Red-DragonRising.com©
WHY?
IF US National Critical Infrastructure
protection role a revolving door…
Who will protect Commercial Enterprises?

5. Hack the Chinese…
Red-DragonRising.com©
# ProjectDragonFly….
 Step # 1: Seek out China’s Cyber Police Servers…
 Step # 2: Verify default Apache passwords…
 Step # 3: Change default password
 Step # 4: P@wn China’s Cyberpolice….
http://pastesite.com/37464

6. 中國P@wned @ root…
Red-DragonRising.com©
# ProjectDragonFly….
 Individual Western Hacker effort to strike back at
Chinese…
http://pastesite.com/37464
P@wned @ root…..

7. Should look like this…
Red-DragonRising.com©

8. Is #OpProjectDragonfly ok?
Red-DragonRising.com©
► No…never…
► Unintended consequences of attacking a Nation
State…
► Reciprocal cyber attacks…
► NCI impacted…
► Governments unable to function
► Law & disorder
► Chaos….

9. Foreign Affairs journal (September/October 2010), outlined five
basic principles of the future strategy:
► - Cyber must be recognized as a warfare domain equal to land, sea, and air;
► - Any defensive posture must go beyond “good hygiene” to include sophisticated and
accurate operations that allow rapid response;
► - Cyber defenses must reach beyond the department’s dot-mil world into commercial
networks, as governed by Homeland Security;
► - Cyber defenses must be pursued with international allies for an effective “shared
warning” of threats; and,
► - The Defense Department must help to maintain and leverage U.S. technological
dominance and improve the acquisitions process to keep up with the speed and agility of
the information technology industry (4).
► Future Cyber Capabilities “The capabilities being sought would allow U.S. cyber-warriors
to "deceive, deny, disrupt, degrade and destroy" information and computers around the
globe”.
Pentagon's Cyber Strategy

10. ► Western hacker geo-located…
► China’s Ministry of State Security (國家安全部) takes
a trip…
► China ‘reserves right to go kinetic…
► “If it is OK for US to say this, China must act!
What if…China Copied US Policy?

11. The Middle Kingdom…

12. ► Chinese metaphor for the current communist
regime…
► Caged dinosaurs…籠恐龍
籠恐龍
籠恐龍…Caged Dinosuars

13. “21st Century Chinese Cyber Warfare”
“二十一世紀中國網絡戰”
ISBN: 9781849283342

14. Is China Really the Enemy?

15. Cyber Adversary Taxonomy
Cyber Threat Motive
Targets of
Opportunity
Methodologies Capabilities
Nation States ~
Peace Time
Economic,
Military,
National
Secrets,
Political
Commercial Enterprises,
Intelligence, National Defense,
Governments, National
Infrastructure
Military & Intel
specific cyber
doctrine, hacktivists
Asymmetric use of
the cyber domain
short of kinetic
Nation States ~
War Time
Economic,
Military,
Political
Commercial Enterprises,
Intelligence, National Defense,
Governments, National
Infrastructure
Military & Intel
specific cyber
doctrine, hacktivists
Asymmetric use of
the cyber domain
including kinetic
Cyber Terrorists &
Insurgents
Political
Infrastructure, Extortion and
Political Processes
Combination of
advanced persistent
threats (APT)
Developing – will
be a concern in
2012
Cyber Criminals –
Grey & Black
Markets
Financial Intellectual Property Theft,
Fraud, Theft, Scams, Hijacked
Network & Computer
Resources, Cyber Crime for
Hire
Exploits, Malware
Botnets, Worms &
Trojans
Cell-based
structure as an APT
Criminal
Organizations –
RBN
Financial
Use of above with
distinct planning
Highly
professional,
dangerous
Rogue
Organizations –
Anonymous,
LulzSec
Financial
Military,
National
Secrets,
Political
Intellectual Property Theft,
Direct & Indirect pressure on
OGA Resources
Organic hacking
capabilities
unsurpassed
Organized yet de-
centralized

16. The Middle Kingdom

17. ► US Finally says People’s Republic of China conducts
Cyber Espionage….
2011 OCINX Report
Office of the National
Counterintelligence Executive
(ONCIX)…2011 Report
“Foreign Economic and
Industrial Espionage”
7 NOV 2011

18. Ahh yes..HUAWEI….
Chinese telecom giant
eyed as security threat
OCTOBER 2012

19. US House Intel Committee
HUAWEI & ZTE
Row, Should
the United
Kingdom be
worried about
Chinese Tech
Firms?
10 OCTOBER…
HUAWEI
Denies CISCO
Source Code
Copying Claim
15
OCTOBER….
White House Review Finds No Evidence of Huawei
Spying After Eighteen Month Intelligence Review….
DSL Reports 18 OCTOBER….2012

20. US-China Econ & Security
Most notable
trend in Chinese
cyber-espionage
over the past
year ….
"increasingly
creative and
resourceful
targeting"
across
government,
industry and
civil society.
China has
become "the
most threatening
actor in
cyberspace."
"China's cyber capabilities provide
Beijing with an increasingly potent tool
to achieve national objectives," it said.
"A diverse set of Chinese hackers use
pilfered information to advance political,
economic and security objectives."
Most notable
trend in Chinese
cyber-espionage
over the past
year ….
"increasingly
creative and
resourceful
targeting"
across
government,
industry and
civil society.
Most notable
trend in Chinese
cyber-espionage
over the past
year ….
"increasingly
creative and
resourceful
targeting"
across
government,
industry and
civil society.

21. Who is China?

22. 4 Groups…Official & Unofficial….
1. 中國共產黨(CPC)
2. 人民解放军(PLA)
3. 中國國有企業(SOE)
4. 中國黑客 (Hacktivists)
中國黑客….

23. ► Codified cyber warfare in 2010…
► In response to US Cyber Command 6 months earlier…
► Official Edict: “protect national infrastructure from
external cyber threats” – President Hu Jin tao
► President Hu’s successor Xi Jin ping ….
► Curiosity or Controversy?
1. Consensus (compromise) candidate of Communists …
2. Likes Chinese free enterprise also oversees Chinese state control of economy…
3. Unknown to Chinese except “He’s the guy married to singer Peng Liyuan…also a
MajGen in the PLA!
4. Dislikes foreign criticism of PRC … sent his daughter to Harvard…under an assumed
name….
► New Premiere = Wen Jaibao…
中國共產黨 - CPC

24. “To achieve victory we must as far as possible make
the enemy blind and deaf by sealing his eyes and ears,
and drive his commanders to distraction by creating
confusion in their minds.”
中國人民解放軍 1949 Information Warfare (IW)
毛泽东 Mao Tse-Tung

25.  Government Intent
 Golden Shield…Filter the Chinese Internet
o Designed 1998
o Operational NOV 2003
o CISCO powered – cost $ 800M USD
o China’s Ministry of Public Security (MPS) operates….
 Green Dam….1 July 2009…new PC’s must have Chinese
Government Spyware….
 Military Focus
 Civilian Dimension
► Dispose of Freedom of Search…
► Control Freedom of Speech…
Chinese Information Control

26. ► 500 BC Sun-Tzu’s Art of War – basis
► Sun Ping’s Military Methods
► 1995 - Major General Wang Pufeng –
Founding father of Chinese Information Warfare (IW)
► 1999 - War Without Limits – PLAAF Senior Colonel’s
Qiao Liang & Wang Xiangsui
► 2002 - PLA's IW strategy spearheaded by Major General
Dai Qingmin -
人民解放军- PLA
Integrated Network-Electronic Warfare (INEW)

27. ► 19 JUL 2010 Cyber Base….
Official Mission…Protect the national infrastructure of
the People’s Republic of China…
China’s Cyber Command?
Established 6 Months AFTER U.S. says we are taking military approach to Internet…

28. ► General Staff Directorate’s (GSD) Cyber Warfare
‘Princelings’…
General Zhang Qinsheng 章沁生
General Chen Bingde 陈炳德
General Ma Xiaotian 马晓天
Vice Admiral Sun Jianguo 孙建国
Major General Hou Shu sen 侯树森
Official Statement of Chinese IW
20 JUL 2010 – ‘ordered by President Hu
Jintao to handle cyber threats as China
enters the information age, & strengthen
the nation's cyber-infrastructure’
漢族…Han Chinese
Communist…
Technologists…
PLA Leaders…. &
中國人

29. 目前中國網絡戰的戰術
China’s “Goal is to achieve a strategic
objective”
“You have to meet my political conditions
or your government will be toppled, or
you promise to meet some of my political
conditions.”
► Major General Hu Xiaofeng, Deputy Director for the
National Defense University Department of Information
Warfare and Training Command
► Professor Meng Xiangqing, National Defense University
Institute for Strategic Studies
黑暗訪問者, 2009; [Online] Available at: http://www.thedarkvisitor.com/category/uncategorized/

30. 中国网络战的原则
Western Cyber War
Principles
有没有…..
超限战的八项原则
1) Omni directionality
2) Synchrony
3) Limited objectives
4) Unlimited measures
5) Asymmetry
6) Minimal consumption
7) Multidimensional
coordination
8) Adjustment and control
of the entire process

31. 8 NOV 2012: President Hu JinTao:
“China will speed up full military IT Applications by 2020”
► “…train a new type of high-caliber military personnel in large numbers,
intensively carry out military training under computerized conditions, and
enhance
► integrated combat capability based on extensive IT application…”;
► “…implement the military strategy of active defense for the new period, and
enhance military strategic guidance as the times so require”;
► “…strengthen national defense aim to safeguard China's sovereignty,
security and territorial integrity and ensure its peaceful development…“;
► “…enhance the capability to accomplish a wide range of military tasks, the
most important of which is to win local war in an information age…“;
Chinese PLA…Future Cyber OPS

32. ► China Telecom – owned by the CPC, operated by the
PLA
► Huawei – owned by former PLA officer direct links to
the PLA however NOT the CPC
► China Unicom – Hong Kong based now a Chinese SOE
► Common Themes…
► Commercial theme, profit oriented…
► Research base, ties to Chinese Academy of Sciences (CAS)…
► International interest & focus…developing countries…
► No organic innovation capabilities…
► Foreign cyber espionage capability via PLA (GSD) & MSS…
國有企業 –
State Owned Enterprises
中华人民共和国工业和信息化部

33.  2001 …. Insider plants data exfiltration trojan
 Corporate executives targeted….
 Leadership avoids ignores warnings of threat
 Telecommunications Intellectual Property data theft continues
unabated…for TEN years
 Market valuation and position lost…
 2011 … Nortel ceases to exist as a Canadian Company….
 Chinese State Owned Enterprises…Huawei ZTE suddenly take
global leadership in telephony….
Nortel Case Study…

34. ► Originally supported by CPC & PLA
► Now uncontrollable….Golden Shield Project?
► Comment Group…
► Elderwood Gang…
► Use of known Chinese malware for commercial purposes now…
► Reinforce PRC’s nationalism via the web
► Taiwan, the renegade Chinese Province
► Punishing Japan for WWII war crimes, Daiyu Islands
► Confronting Philippines, Oil near Huangyuan
► Codera’s anti-Chinese web rhetoric
► Capability to carry out Chinese State Policies
without attribution….
黑客 - Hacktivists

35. Chinese View…
16 AUGUST
2011

36.  16 AUGUST 2011 – People’s Tribune Magazine - (人民论坛杂志)
publishes several articles…
 4 are very problematic for the United States….
► “A Sovereign Country Must Have Strong Defense” by Min Dahong,
director of the Network & Digital Media Research Office @ China
Academy of Social Sciences;
► “America’s ‘Pandora’s Box’ Cyber Strategy Confuses the World” by
Shen Yi - Fudan University’s Department of International Politics;
► “Cyber Power ‘Shuffles the Cards’: How China Can Overtake the
Competition” by Tang Lan, Institute of Information and Social
Development Studies at the China Institute of Contemporary
International Relations; and
► “How to Construct China’s Cyber Defenses” by Liu Zengliang, from
the PLA National Defense University
Chinese Perspective….

37.  1995 – Chinese General MG Wang Pu Feng describes attacking via Internet
 1997 – “War Beyond Limits” (Unrestricted Warfare) is written by 2 Senior Chinese
Colonels
 2001 China warns of massive hack attacks
 2002 - “informatization”信息化 campaign begins Chinese Communist Party (CCP)
General Secretary and Central Military Commission (CMC) Chairman Jiang Zemin, a
speech before the 16th Party Congress
 2003 - Titan Rain泰坦雨 US DoD & Government websites targeted
 2004 – Japan targeted by Chinese over disputed Daiyu Islands
 2007 – GhostNet 幽灵网 Global CnC network with IP addresses in People’s Republic
of China
 2008 – Byzantine Hades - targeted cyber operations against the U.S. government
using social engineering and malicious attachments and links in e-mail messages.
 2008 - MI5 writes to more than 300 senior executives at banks, accountants and legal
firms warning them - the Chinese army is using Internet spyware to steal confidential
information
 2009 - Operation Aurora 操作极光
 2009 – Night Dragon夜龙
 2010 – Article - Should we be afraid of Chinese hackers?...Or lost cyber war?
很多 年華 中國 Cyber Activity

38.  2011 -US needs to get better at preventing foreign access to advanced technology
- GAO watchdogs find holes in high-tech access, licensing rules
 2011 – Chinese military CCTv-7 demonstrates GUI Hacking of University of Alabama
 2011 – Office of the National Counterintelligence Executive (ONCIX) Report
indicates both China & Russia target corporate intellectual property
 2011 – Operation Shady RAT FIVE year campaign of economic & intelligence data
exfiltration
► 2012 – “Occupying the Information High Ground: Chinese Capabilities for
Computer Network Operations and Cyber Espionage” NORTHRUP GRUMMAN
March 7, 2012
 2012 – Chinese Technology Policy & Cyber Offensive Operations - April
 2012 – China & Philippines engage in mutual cyber attacks over Scarborough Shoals
– April
 2012 – “US & China must work to avoid cyber conflict” DefSec Panetta
 2012 – Chinese Hackers hack White Nuclear Secrets Network
 2012 – US House Intelligence cites Huawei & ZTE as threats to National Security
很多 年華 中國 Cyber Activity

39.  Cyber-espionage is state sponsored; yet direct attribution is an illusion….
 中華人民共和國 plans cyber-espionage – defensively & offensively;
 Cultural, economic, historical & linguistic threads中華人民共和國 cyber-
espionage;
 中國共產黨, although advocating citizen hacking, no longer controls it;
 Commercial enterprises worldwide are permeable to中國cyber hacking in all
form & methods;
 中國malware, RATs, Botnets are not immediately discoverable….
 Mandarin Chinese (complex and simple) are an exceptional form of
cryptography…
 All commercial IPS/IDS are ineffective against中國 attacks;
 Companies cannot defend adequately from the various alleged Chinese
information warfare threats of Next Generation Warfare;
 Offensive Cyber Capabilities must be developed…..protect your IP & Network
 中華人民共和國 cyber-espionage threat serious & only become much worse…..
結束狀態

40. DO NOT become a
Chinese Cyber
Espionage case
study in my slide
deck!

41. 謝謝您的時間
今天
有沒有問題？
謝謝您