[ISN] Pentagon: Cyberattacks appear to come from China

From: InfoSec News (alerts@private)
Date: Tue Mar 04 2008 - 01:05:09 PST


http://www.govexec.com/story_page.cfm?articleid=39438

By Bob Brewin 
Govexec.com  
March 3, 2008

The Defense Department said Monday that cyberattacks in 2007 against 
computer networks operated by governments and commercial institutions 
around the world "appear" to have originated within China -- marking the 
first time the Pentagon has so visibly pinned the blame against China 
for cyberattacks.

Defense made its cyber warfare charge against China in its annual report 
[1] to Congress on China's military power.

"In the past year," the report concluded, "numerous computer networks 
around the world, including those owned by the U.S. government, were 
subject to intrusions that appear to have originated within the 
[People's Republic of China]. These intrusions require many of the 
skills and capabilities that would also be required for computer network 
attack. Although it is unclear if these intrusions were conducted by, or 
with the endorsement of, the [People's Liberation Army] or other 
elements of the PRC government, developing capabilities for cyber 
warfare is consistent with authoritative PLA writings on this subject."

The report said that in 2007, networks operated by Defense, other 
federal agencies, defense-related think tanks and contractors 
experienced "multiple computer network intrusions, many of which 
appeared to have originated in the PRC."

The report also highlighted public statements by top intelligence and 
defense officials in France, Germany and the United Kingdom that pinned 
the blame for cyberattacks against networks in those countries on China.

The report quoted Hans Elmar Remberg, vice president of Germany's Office 
for the Protection of the Constitution (the country's domestic 
intelligence agency), who accused China of sponsoring computer network 
intrusions "almost daily."

The report also cited an alert in November issued to 300 financial 
institutions by Jonathan Evans, director general of MI5, the United 
Kingdom's intelligence service, saying that it was the target of 
state-sponsored computer network exploitation from China. France also 
has experienced Chinese cyberattacks, the report said, quoting French 
Secretary-General of National Defense Francis Delon.

China's use of cyber warfare stems from a doctrine designed to provide 
the country's military with advantages over technologically superior 
adversaries, the report said. It quoted a Chinese publication, which 
said:

"[The] application of non-nuclear high technologies can bring about 
strategic effects similar to that of nuclear weapons, and at the same 
time, it can avoid the great political risk possibly to be caused by 
transgressing the nuclear threshold... Among other things, following the 
advent of cyber information age, information warfare and information 
warfare strategy are widely drawing attention."

The report issued Monday does not go as far as a little noticed report 
[2] sent to Congress in late 2007 by the U.S.-China Economic and 
Security Review. It said Marine Gen. James Cartwright, the vice chairman 
of the Joint Chiefs of Staff, viewed Chinese cyberattacks [3] as 
potentially having an effect equal to "the magnitude of a weapon of mass 
destruction."

Cartwright told the commission that China has a larger capability to 
conduct denial-of-service attacks against computer systems than any 
other country, and such attacks have "the potential to cause cataclysmic 
harm if conducted against the United States on a large scale."

China also is developing a multidimensional program to limit or prevent 
the use of space-based assets by its potential adversaries, the report 
issued Monday said, as part of a process of extending battle space from 
traditional land and sea domains into outer space and cyberspace.

[1] http://www.defenselink.mil/pubs/pdfs/China_Military_Report_08.pdf
[2] http://www.uscc.gov/annual_report/2008/report_to_congress.pdf
[3] http://www.govexec.com/dailyfed/1207/120407bb1.htm


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Tue Mar 04 2008 - 01:50:11 PST