The document provides an overview of cyber conflict and the People's Republic of China. It discusses China's development of cyber capabilities, including establishing its Cyber Command in 2010. It also examines China's cyber espionage activities targeting governments and companies to obtain intellectual property and advance political and economic objectives. The document analyzes different Chinese state and non-state actors involved in cyber operations, including the Communist Party of China, People's Liberation Army, state-owned enterprises, and hacktivists.
9. Foreign Affairs journal (September/October 2010), outlined five
basic principles of the future strategy:
► Cyber must be recognized as a warfare domain equal to land, sea, and air;
► Any defensive posture must go beyond “good hygiene” to include sophisticated and accurate operations that allow rapid response;
► Cyber defenses must reach beyond the department’s dot-mil world into commercial networks, as governed by Homeland Security;
► Cyber defenses must be pursued with international allies for an effective “shared warning” of threats; and,
► The Defense Department must help to maintain and leverage U.S. technological dominance and improve the acquisitions process to keep up with the speed and agility of the information technology industry (4).
► Future Cyber Capabilities: “The capabilities being sought would allow U.S. cyber-warriors to "deceive, deny, disrupt, degrade and destroy" information and computers around the globe”.
Pentagon's Cyber Strategy
10. ► Western hacker geo-located…
► China’s Ministry of State Security (國家安全部) takes a trip…
► China ‘reserves right to go kinetic…’
► “If it is OK for US to say this, China must act!”
What if…China Copied US Policy?
15. Cyber Adversary Taxonomy
Cyber Threat | Motive | Targets of Opportunity | Methodologies | Capabilities
Nation States ~ Peace Time | Economic, Military, National Secrets, Political | Commercial Enterprises, Intelligence, National Defense, Governments, National Infrastructure | Military & Intel specific cyber doctrine, hacktivists | Asymmetric use of the cyber domain short of kinetic
Nation States ~ War Time | Economic, Military, Political | Commercial Enterprises, Intelligence, National Defense, Governments, National Infrastructure | Military & Intel specific cyber doctrine, hacktivists | Asymmetric use of the cyber domain including kinetic
Cyber Terrorists & Insurgents | Political | Infrastructure, Extortion and Political Processes | Combination of advanced persistent threats (APT) | Developing – will be a concern in 2012
Cyber Criminals – Grey & Black Markets | Financial | Intellectual Property Theft, Fraud, Theft, Scams, Hijacked Network & Computer Resources, Cyber Crime for Hire | Exploits, Malware Botnets, Worms & Trojans | Cell-based structure as an APT
Criminal Organizations – RBN | Financial | Use of above with distinct planning | Highly professional, dangerous
Rogue Organizations – Anonymous, LulzSec | Financial, Military, National Secrets, Political | Intellectual Property Theft, Direct & Indirect pressure on OGA Resources | Organic hacking capabilities unsurpassed | Organized yet de-centralized
17. ► US Finally says People’s Republic of China conducts Cyber Espionage….
2011 ONCIX Report
Office of the National Counterintelligence Executive (ONCIX)…2011 Report “Foreign Economic and Industrial Espionage” 7 NOV 2011
19. US House Intel Committee
HUAWEI & ZTE Row, Should the United Kingdom be worried about Chinese Tech Firms? 10 OCTOBER…
HUAWEI Denies CISCO Source Code Copying Claim 15 OCTOBER….
White House Review Finds No Evidence of Huawei Spying After Eighteen Month Intelligence Review…. DSL Reports 18 OCTOBER….2012
20. US-China Econ & Security
Most notable trend in Chinese cyber-espionage over the past year …. "increasingly creative and resourceful targeting" across government, industry and civil society.
China has become "the most threatening actor in cyberspace."
"China's cyber capabilities provide Beijing with an increasingly potent tool to achieve national objectives," it said. "A diverse set of Chinese hackers use pilfered information to advance political, economic and security objectives."
23. ► Codified cyber warfare in 2010…
► In response to US Cyber Command 6 months earlier…
► Official Edict: “protect national infrastructure from external cyber threats” – President Hu Jintao
► President Hu’s successor Xi Jinping ….
► Curiosity or Controversy?
1. Consensus (compromise) candidate of Communists …
2. Likes Chinese free enterprise, also oversees Chinese state control of economy…
3. Unknown to Chinese except “He’s the guy married to singer Peng Liyuan…also a MajGen in the PLA!”
4. Dislikes foreign criticism of PRC … sent his daughter to Harvard…under an assumed name….
► New Premier = Wen Jiabao…
中國共產黨 - CPC
24. “To achieve victory we must as far as possible make the enemy blind and deaf by sealing his eyes and ears, and drive his commanders to distraction by creating confusion in their minds.”
People's Liberation Army (中國人民解放軍) 1949 Information Warfare (IW)
毛泽东 Mao Tse-Tung
25. Government Intent
Golden Shield…Filter the Chinese Internet
o Designed 1998
o Operational NOV 2003
o CISCO powered – cost $ 800M USD
o China’s Ministry of Public Security (MPS) operates….
Green Dam….1 July 2009…new PCs must have Chinese Government Spyware….
Military Focus
Civilian Dimension
► Dispose of Freedom of Search…
► Control Freedom of Speech…
Chinese Information Control
26. ► 500 BC Sun-Tzu’s Art of War – basis
► Sun Pin’s Military Methods
► 1995 - Major General Wang Pufeng – Founding father of Chinese Information Warfare (IW)
► 1999 - War Without Limits – PLAAF Senior Colonels Qiao Liang & Wang Xiangsui
► 2002 - PLA's IW strategy spearheaded by Major General Dai Qingmin - Integrated Network-Electronic Warfare (INEW)
人民解放军 - PLA
27. ► 19 JUL 2010 Cyber Base….
Official Mission…Protect the national infrastructure of
the People’s Republic of China…
China’s Cyber Command?
Established 6 Months AFTER U.S. says we are taking military approach to Internet…
28. ► General Staff Directorate’s (GSD) Cyber Warfare
‘Princelings’…
General Zhang Qinsheng 章沁生
General Chen Bingde 陈炳德
General Ma Xiaotian 马晓天
Vice Admiral Sun Jianguo 孙建国
Major General Hou Shusen 侯树森
Official Statement of Chinese IW
20 JUL 2010 – ‘ordered by President Hu Jintao to handle cyber threats as China enters the information age, & strengthen the nation's cyber-infrastructure’
漢族…Han Chinese
Communist…
Technologists…
PLA Leaders…. &
Chinese people (中國人)
29. Current Chinese cyber warfare tactics (目前中國網絡戰的戰術)
China’s “Goal is to achieve a strategic objective”
“You have to meet my political conditions or your government will be toppled, or you promise to meet some of my political conditions.”
► Major General Hu Xiaofeng, Deputy Director for the National Defense University Department of Information Warfare and Training Command
► Professor Meng Xiangqing, National Defense University Institute for Strategic Studies
The Dark Visitor (黑暗訪問者), 2009; [Online] Available at: http://www.thedarkvisitor.com/category/uncategorized/
30. Principles of Chinese cyber warfare (中国网络战的原则)
Western Cyber War Principles
Are there any….. (有没有…..)
Eight principles of Unrestricted Warfare (超限战的八项原则)
1) Omnidirectionality
2) Synchrony
3) Limited objectives
4) Unlimited measures
5) Asymmetry
6) Minimal consumption
7) Multidimensional coordination
8) Adjustment and control of the entire process
31. 8 NOV 2012: President Hu Jintao:
“China will speed up full military IT Applications by 2020”
► “…train a new type of high-caliber military personnel in large numbers, intensively carry out military training under computerized conditions, and enhance integrated combat capability based on extensive IT application…”;
► “…implement the military strategy of active defense for the new period, and enhance military strategic guidance as the times so require”;
► “…strengthen national defense aim to safeguard China's sovereignty, security and territorial integrity and ensure its peaceful development…“;
► “…enhance the capability to accomplish a wide range of military tasks, the most important of which is to win local war in an information age…“;
Chinese PLA…Future Cyber OPS
32. ► China Telecom – owned by the CPC, operated by the PLA
► Huawei – owned by former PLA officer; direct links to the PLA, however NOT the CPC
► China Unicom – Hong Kong based, now a Chinese SOE
► Common Themes…
► Commercial theme, profit oriented…
► Research base, ties to Chinese Academy of Sciences (CAS)…
► International interest & focus…developing countries…
► No organic innovation capabilities…
► Foreign cyber espionage capability via PLA (GSD) & MSS…
國有企業 – State Owned Enterprises
Ministry of Industry and Information Technology of the People's Republic of China (中华人民共和国工业和信息化部)
33. 2001 …. Insider plants data exfiltration trojan
Corporate executives targeted….
Leadership avoids, ignores warnings of threat
Telecommunications Intellectual Property data theft continues unabated…for TEN years
Market valuation and position lost…
2011 … Nortel ceases to exist as a Canadian Company….
Chinese State Owned Enterprises…Huawei, ZTE suddenly take global leadership in telephony….
Nortel Case Study…
34. ► Originally supported by CPC & PLA
► Now uncontrollable….Golden Shield Project?
► Comment Group…
► Elderwood Gang…
► Use of known Chinese malware for commercial purposes now…
► Reinforce PRC’s nationalism via the web
► Taiwan, the renegade Chinese Province
► Punishing Japan for WWII war crimes, Diaoyu Islands
► Confronting Philippines, Oil near Huangyan
► Codera’s anti-Chinese web rhetoric
► Capability to carry out Chinese State Policies
without attribution….
黑客 - Hacktivists
36. 16 AUGUST 2011 – People’s Tribune Magazine - (人民论坛杂志)
publishes several articles…
4 are very problematic for the United States….
► “A Sovereign Country Must Have Strong Defense” by Min Dahong,
director of the Network & Digital Media Research Office @ China
Academy of Social Sciences;
► “America’s ‘Pandora’s Box’ Cyber Strategy Confuses the World” by
Shen Yi - Fudan University’s Department of International Politics;
► “Cyber Power ‘Shuffles the Cards’: How China Can Overtake the
Competition” by Tang Lan, Institute of Information and Social
Development Studies at the China Institute of Contemporary
International Relations; and
► “How to Construct China’s Cyber Defenses” by Liu Zengliang, from
the PLA National Defense University
Chinese Perspective….
37. 1995 – Chinese General MG Wang Pufeng describes attacking via Internet
1997 – “War Beyond Limits” (Unrestricted Warfare) is written by 2 Senior Chinese Colonels
2001 – China warns of massive hack attacks
2002 – “informatization” (信息化) campaign begins – Chinese Communist Party (CCP) General Secretary and Central Military Commission (CMC) Chairman Jiang Zemin, in a speech before the 16th Party Congress
2003 – Titan Rain (泰坦雨): US DoD & Government websites targeted
2004 – Japan targeted by Chinese over disputed Diaoyu Islands
2007 – GhostNet (幽灵网): Global CnC network with IP addresses in People’s Republic of China
2008 – Byzantine Hades – targeted cyber operations against the U.S. government using social engineering and malicious attachments and links in e-mail messages.
2008 – MI5 writes to more than 300 senior executives at banks, accountants and legal firms warning them that the Chinese army is using Internet spyware to steal confidential information
2009 – Operation Aurora (操作极光)
2009 – Night Dragon (夜龙)
2010 – Article – Should we be afraid of Chinese hackers?...Or lost cyber war?
Many Years of Chinese Cyber Activity (很多 年華 中國)
38. 2011 – US needs to get better at preventing foreign access to advanced technology – GAO watchdogs find holes in high-tech access, licensing rules
2011 – Chinese military CCTV-7 demonstrates GUI Hacking of University of Alabama
2011 – Office of the National Counterintelligence Executive (ONCIX) Report indicates both China & Russia target corporate intellectual property
2011 – Operation Shady RAT: FIVE year campaign of economic & intelligence data exfiltration
2012 – “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage” NORTHROP GRUMMAN March 7, 2012
2012 – Chinese Technology Policy & Cyber Offensive Operations – April
2012 – China & Philippines engage in mutual cyber attacks over Scarborough Shoals – April
2012 – “US & China must work to avoid cyber conflict” DefSec Panetta
2012 – Chinese Hackers hack White Nuclear Secrets Network
2012 – US House Intelligence cites Huawei & ZTE as threats to National Security
Many Years of Chinese Cyber Activity (很多 年華 中國)
39. Cyber-espionage is state sponsored; yet direct attribution is an illusion….
The People's Republic of China (中華人民共和國) plans cyber-espionage – defensively & offensively;
Cultural, economic, historical & linguistic threads run through People's Republic of China cyber-espionage;
The Communist Party of China (中國共產黨), although advocating citizen hacking, no longer controls it;
Commercial enterprises worldwide are permeable to Chinese cyber hacking in all forms & methods;
Chinese malware, RATs, Botnets are not immediately discoverable….
Mandarin Chinese (complex and simple) are an exceptional form of cryptography…
All commercial IPS/IDS are ineffective against Chinese attacks;
Companies cannot defend adequately from the various alleged Chinese information warfare threats of Next Generation Warfare;
Offensive Cyber Capabilities must be developed…..protect your IP & Network
The People's Republic of China cyber-espionage threat is serious & will only become much worse…..
End State (結束狀態)
40. DO NOT become a Chinese Cyber Espionage case study in my slide deck!