-Caveat Lector-
Begin forwarded message:
From: [EMAIL PROTECTED]
Date: September 13, 2007 11:41:15 PM PDT
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Revolutionary Cyber-War (Something to Be Learnt from
China's Example ...)
China emerges as leader in cyberwarfare: In recent weeks,
China has been accused of hacking the Pentagon
as well as British and German government offices
By Robert Marquand and Ben Arnoldy
The Christian Science Monitor, September 14, 2007
http://www.csmonitor.com/2007/0914/p01s01-woap.html
When suspected Chinese hackers penetrated the Pentagon this summer,
reports downplayed the cyberattack. The hackers hit a secure
Pentagon system known as NIPRNet – but it only carries unclassified
information and general e-mail, Department of Defense officials said.
Yet a central aim of the Chinese hackers may not have been top
secrets, but a probe of the Pentagon network structure itself, some
analysts argue. The NIPRNet (Non-classified Internet Protocol
Router Network) is crucial in the quick deployment of US forces
should China attack Taiwan. By crippling a Pentagon Net used to
call US forces, China gains crucial hours and minutes in a
lightning attack designed to force a Taiwan surrender, experts say.
China's presumed infiltration underscores an ever bolder and more
advanced capability by its cybershock troops. Today, of an
estimated 120 countries working on cyberwarfare, China, seeking
great power status, has emerged as a leader.
"The Chinese are the first to use cyberattacks for political and
military goals," says James Mulvenon, an expert on Chin's military
and director of the Center for Intelligence and Research in
Washington. "Whether it is battlefield preparation or hacking
networks connected to the German chancellor, they are the first
state actor to jump feet first into 21st-century cyberwarfare
technology. This is clearly becoming a more serious and open problem."
China is hardly the only state conducting cyberespionage.
"Everybody is hacking everybody," says Johannes Ullrich, an expert
with the SANS Technology Institute, pointing to Israeli hacks
against the US, and French hacks against European Union partners.
But aspects of the Chinese approach worry him. "The part I am most
afraid of is … staging probes inside key industries. It's almost
like sleeper cells, having ways to [disrupt] systems when you need
to if it ever came to war."
In recent weeks, China stands accused not only of the Pentagon
attack, but also of daily striking German federal ministries and
British government offices, including Parliament. After an
investigation in May, officials at Germany's Office of the
Protection of the Constitution told Der Speigel that 60 percent of
all cyberattacks on German systems come from China. Most originate
in the cities of Lanzhou and Beijing, and in Guangdong Province,
centers of high-tech military operations.
German Chancellor Angela Merkel publicly raised the issue with
Chinese Premier Wen Jiabao in Beijing last month. Mr. Wen did not
deny China's activity, but said it should stop. President George
Bush, prior to his meeting with Chinese President Hu Jintao in
Sydney, Australia, at the APEC summit last week, stated that
respect of computer "systems" is "what we expect from people with
whom we trade."
The accusations, hard to prove conclusively, still illumine an
emerging theater of low-level attacks among nations. This spring,
presumed Russian hackers made headlines with a one-off cyberblitz
of Estonia, shutting down one of the most wired countries in Europe
for a week – blunt payback for removal of a Soviet war memorial.
But China's cyberstrategy is deemed murkier and more widespread.
The tenaciousness of Chinese hackers, whose skills were once
derided by US cyberexperts, has begun to sink in to Western states
and their intelligence services.
Probes of the Pentagon system that would bring US intervention
should China attack Taiwan are part of a program dating to the
1990s that links cyberwarfare to real-world military action by
China's People's Liberation Army. The very probe shows success in
China's long-term program, experts say.
"The Chinese want to disrupt that unofficial network in a crucial
time-frame inside a Taiwan scenario," says Mr. Mulvenon. "It is
something they've written about. When you read what Chinese
strategists say, it is the unclassified network they will go after
… to delay deployment. China is developing tremendous capability."
Much of the hacking prowess in China is attributed to "gray hat"
hackers – techie mercenaries, often younger males, geeks proud of
the title – who can be mobilized to attack systems if needed,
experts say.
In cyberparlance, black hats are hackers whose professional life is
spent trying to attack other systems. White hats are those who
defend against attacks. But China is regarded as having a
substantial number of hackers in the gray middle – cutting-edge
technopatriots loosely affiliated with the Chinese government, but
who are not formal agents of the state.
This allows many Chinese hackers to exist in a zone of deniability.
To be sure, provability and deniability are central in
cyberwarfare. The most difficult problem is how to prove who hacks
a system.
In recent weeks, Beijing has officially expressed shock, pain, and
denial of news reports like those in Der Speigel fingering China,
and at a host of official and semi-official accusations. But
China's ardent denials, in the face of its own professed desire to
be a cyberattack specialist, are not entirely persuasive, analysts
say.
"Sometimes [Chinese] will brag about their exploits, and other
times they'll disclaim them entirely, blaming unknown rogue
individuals," says Bill Woodcock, research director at Packet
Clearing House, a nonprofit research institute that focuses on
Internet security and stability.
The new focus by other governments on China's capabilities are part
of getting to know a country long criticized for a lack of
transparency. "China's ambitions are quite extensive. It is a great
power that is rising, and so other people want to scrutinize you.
That's part of being a great society," says a veteran European
China-watcher in Beijing. "When you hack into the private files of
other governments, people want to know what you are doing. If you
talk about a harmonious world, and a harmonious society, and then
you do things that aren't harmonious – you get called out."
Of particular alarm for Washington and other world capitals are so-
called "zero-day attacks" – cyberpenetrations that look for
software flaws to exploit. This is not an uncommon pastime for
hackers. But in China's case, suspicion falls on professional
hackers, says Sami Saydjari, a Defense Department computer-security
veteran who now heads a firm called Cyber Defense Agency in Wisconsin.
"The Chinese ... [put] very strong controls over … their Internet,
and it's highly unlikely there are hacker groups that have any
substantial level of capability they don't control," says Mr.
Saydjari.
Analysts say China constantly probes US military networks. But
attributing this conclusively to the People's Liberation Army,
fingered by German officials in Der Speigel, is almost impossible.
To trace attacks to their source requires the help of those who
control each link, or router.
Proving cyberattacks involves what Mulvenon calls the "Tarzana,
California, problem." How does one know an attack "isn't coming
from a kid in Tarzana who is bouncing off a Chinese server?"
Mulvenon asks. "You don't. You can't predicate a response based on
perfect knowledge of the attacker. But we think that correlation is
causation. That is, 'Who benefits?' The best-case analysis is to
correlate attacks with what Chinese have always said and written
their goals are, which makes them by far the most likely suspect."
Cyberpenetration runs the gamut, from simple to sophisticated.
There's a simple "Trojan horse attack," for example, said to be
used against the German chancellery. Hackers send what appears to
be a legitimate e-mail. When opened, it installs malicious software
that allows hackers to open files in a private network, or disrupt
it. A Trojan horse is not surprising in an unclassified system,
says Saydjari. "But some of the attacks attributed to China have
been quite sophisticated."
Beijing's control showed in September 2003, when the company that
administers .com and .net domain names made unilateral changes to
the Internet's functioning. System administrators around the world
scrambled to make piecemeal fixes.
"The domain-name system was broken for more than two weeks for the
rest of the world, but after a brief interruption, it got
mysteriously … unbroken inside China after eight days," says Mr.
Woodcock.
PLA doctrine explicitly states that information-technology
disruption is part of "asymmetric" warfare. The US is more
vulnerable than China to a cyberattack, says Saydjari, because of
its greater reliance on high-tech, networked systems.
The PLA's "People's War" doctrine argues that all able-minded
People's Republic computer users have a responsibility to fight for
China with their laptops, says Woodcock. He argues that Beijing
might call on ethnic Chinese hackers in any part of the world,
hoping they might help. Even nonhackers might be asked to
participate in "denial of service" (DoS) attacks – a weapon to shut
down enemy websites that requires massive numbers of computers to
accomplish. "The power of numbers is on their side," Woodcock says.
China has the largest DoS capability in the world, he says, a
concern to private-sector companies as well.
So far, China doesn't seem to be organizing DoS attacks, says Mr.
Ullrich. During the EP-3 spy plane spat between the US and China in
early 2001, some Chinese youths launched DoS attacks. But the
government curtailed the attacks.
For several years, China has focused most of its military research
and production on a high-tech air and missile-attack force – to
overwhelm Taiwan. Hence, China's probe of the Pentagon NIPRNet.
"They want to be able to attack the Net. They don't need a
supersexy penetration program," Mulvenon argues. "They just bomb
the Net itself. They disrupt the deployment of our military,
simultaneously saturate Taiwan, delay the US arrival, and Taiwan
capitulates. It's what they talk about."
See what's new at AOL.com and Make AOL Your Homepage.
www.ctrl.org
DECLARATION & DISCLAIMER
==========
CTRL is a discussion & informational exchange list. Proselytizing propagandic
screeds are unwelcomed. Substance—not soap-boxing—please! These are
sordid matters and 'conspiracy theory'—with its many half-truths, mis-
directions and outright frauds—is used politically by different groups with
major and minor effects spread throughout the spectrum of time and thought.
That being said, CTRLgives no endorsement to the validity of posts, and
always suggests to readers; be wary of what you read. CTRL gives no
credence to Holocaust denial and nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://www.mail-archive.com/ctrl@listserv.aol.com/
<A HREF="http://www.mail-archive.com/ctrl@listserv.aol.com/">ctrl</A>
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om