http://www.govexec.com/story_page.cfm?articleid=39438
By Bob Brewin
Govexec.com
March 3, 2008
The Defense Department said Monday that cyberattacks in 2007 against
computer networks operated by governments and commercial institutions
around the world "appear" to have originated within China -- marking the
first time the Pentagon has so visibly pinned the blame against China
for cyberattacks.
Defense made its cyber warfare charge against China in its annual report
[1] to Congress on China's military power.
"In the past year," the report concluded, "numerous computer networks
around the world, including those owned by the U.S. government, were
subject to intrusions that appear to have originated within the
[People's Republic of China]. These intrusions require many of the
skills and capabilities that would also be required for computer network
attack. Although it is unclear if these intrusions were conducted by, or
with the endorsement of, the [People's Liberation Army] or other
elements of the PRC government, developing capabilities for cyber
warfare is consistent with authoritative PLA writings on this subject."
The report said that in 2007, networks operated by Defense, other
federal agencies, defense-related think tanks and contractors
experienced "multiple computer network intrusions, many of which
appeared to have originated in the PRC."
The report also highlighted public statements by top intelligence and
defense officials in France, Germany and the United Kingdom that pinned
the blame for cyberattacks against networks in those countries on China.
The report quoted Hans Elmar Remberg, vice president of Germany's Office
for the Protection of the Constitution (the country's domestic
intelligence agency), who accused China of sponsoring computer network
intrusions "almost daily."
The report also cited an alert in November issued to 300 financial
institutions by Jonathan Evans, director general of MI5, the United
Kingdom's intelligence service, saying that it was the target of
state-sponsored computer network exploitation from China. France also
has experienced Chinese cyberattacks, the report said, quoting French
Secretary-General of National Defense Francis Delon.
China's use of cyber warfare stems from a doctrine designed to provide
the country's military with advantages over technologically superior
adversaries, the report said. It quoted a Chinese publication, which
said:
"[The] application of non-nuclear high technologies can bring about
strategic effects similar to that of nuclear weapons, and at the same
time, it can avoid the great political risk possibly to be caused by
transgressing the nuclear threshold... Among other things, following the
advent of cyber information age, information warfare and information
warfare strategy are widely drawing attention."
The report issued Monday does not go as far as a little noticed report
[2] sent to Congress in late 2007 by the U.S.-China Economic and
Security Review. It said Marine Gen. James Cartwright, the vice chairman
of the Joint Chiefs of Staff, viewed Chinese cyberattacks [3] as
potentially having an effect equal to "the magnitude of a weapon of mass
destruction."
Cartwright told the commission that China has a larger capability to
conduct denial-of-service attacks against computer systems than any
other country, and such attacks have "the potential to cause cataclysmic
harm if conducted against the United States on a large scale."
China also is developing a multidimensional program to limit or prevent
the use of space-based assets by its potential adversaries, the report
issued Monday said, as part of a process of extending battle space from
traditional land and sea domains into outer space and cyberspace.
[1] http://www.defenselink.mil/pubs/pdfs/China_Military_Report_08.pdf
[2] http://www.uscc.gov/annual_report/2008/report_to_congress.pdf
[3] http://www.govexec.com/dailyfed/1207/120407bb1.htm
___________________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
Comments