Information Warfare: The Beast From The East


June 28, 2012:  The longer Western intelligence analysts and Internet security researchers look into Chinese Internet based espionage efforts, the more clearly the Chinese strategy becomes. Put simply, China has been seeking out military and government secrets but not as diligently as they have been looking for commercial secrets and industrial technology. This is not how the Chinese hacking is described in the media, as a military campaign. But it's mostly about industrial espionage.

For example, last year it was big news that there had been a large scale effort to obtain information about American jet powered and space based (X-37) UAVs via Internet hacking. The methods, and source of the attack, had been traced back to China. These attacks are carried out via Internet based snooping efforts against specific civilian, military, and government individuals. This sort of thing is often carried out in the form of official looking email, with a file attached, sent to people at a specific military or government organization. It is usually an email they weren't expecting. This is known in the trade as "spear fishing" (or "phishing"), which is a Cyber War technique that sends official looking email to specific individuals with an attachment which, if opened, secretly installs a program that sends files from the email recipient's PC to the spear fisher's computer. In the last year an increasing number of military, government, and contractor personnel have received these official-looking emails with a PDF document attached and asking for prompt attention. But a greater number of attacks are being made against commercial targets.

The phishing phase takes place after the Chinese have done research on the organization to find the names of specific people they were going to send the emails to. The emails must then be composed to be realistic but not something that would alarm the recipient and cause them to call the Internet security experts. For those recipients who open the email, other Chinese hackers get involved studying the victims computer and how it is connected to the company network. This process enables the intruders to get to the most valuable secrets and do the most damage. Other specialists are then brought in to help get data back to China without being discovered and, finally, another crew of experts tries to ensure that the intrusion, and the damage that was done, is never discovered.

What is not given as much publicity is that the same techniques are used, on a much larger scale, to obtain details about commercial technologies. Most of this stuff was not military-related but was the sort of thing Chinese firms could use to improve their competitiveness in world markets. This reflects Chinese thinking that economic power is the basis for military power. A strong economy will make China a strong military power. 

This does not mean China refrains from using the Internet to gain military advantage. Two years ago Internet researchers discovered a China-based espionage group, called the Shadow Network, which had hacked into PCs used by military and civilian personnel working for the Indian armed forces and made off with huge quantities of data. Similar attacks had been directed at Western nations.

Examination of the viruses and related bits of computer code indicate that most of this stuff was created by Chinese speaking programmers, and all movement of command and stolen data led back to servers in China. When presented with this evidence China simply denies all. It is becoming clear that years of success in these operations has made the Chinese bolder and more ambitious in their Internet based attacks. The "spear fishing" attacks make it very clear who the targets are, and when you look at all the targets it becomes obvious that China is the chief beneficiary. But no one is willing to go to war over this, China denies everything and keeps at it.





Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close