Tuesday, March 09, 2010

Cyberwar declared as China's attacks increase

The tense situation between the West and China has increased a notch if recent reports in a number of newspapers are to be taken seriously. One of the more concerning reports came from the Times which said that urgent warnings were circulating around intelligence communities as China continues to initiate cyberattacks on western interests.

The paper said that Nato and the European Union are becoming increasingly concerned and may even retaliate. "Everyone has been made aware that the Chinese have become very active with cyber-attacks and we're now getting regular warnings from the office for internal security," a Nato diplomatic source told the Times. Sources at the Office for Cyber Security at the Cabinet Office in London said there were two forms of attack: those focusing on disrupting computer systems and others involving "fishing trips" for sensitive information. A special team has been set up at GCHQ, the British government communications headquarters in Gloucestershire, to counter the growing cyber-threat affecting intelligence material. 

According to a report released Friday in the US the number of attacks on Congress and other government agencies has risen exponentially in the past year to an estimated 1.6 billion every month. The attacks are not confined to the US however. James Lewis, of the Centre for Strategic and International Studies, said, "The porousness of the European institutions makes them a good target for penetration. They are of interest to the Chinese on issues from arms sales and nuclear non-proliferation to Tibet and energy."

Jonathan Evans, the Director-General of MI5, warned in 2007 that several states were actively involved in large-scale cyber-attacks. Although he did not specify which states were involved, many security officials have indicated that China now poses the gravest threat. Dr Lewis says that neither the US nor any of its Western allies had formed an effective response to the Chinese threat, which has its origins in a massive boost to Chinese technology ordered by Deng Xiaoping, the late Chinese leader, in 1986. The West's own cyber offensives have so far been directed largely at terrorists rather than nation states. This, Lewis argues, has given China virtually free rein to penetrate Western systems with its own world-class hackers and increasingly popular Chinese-made components.

Britain and the US have begun to liaise with each other to counter the threat. The Office of Cyber Security, set up last year as part of the British government's national security strategy, regularly discuss the situation with America's so-called cyber czar, Howard Schmidt, who was appointed by President Obama to protect government computers.

Lord West of Spithead, who is parliamentary under-secretary for security and counter-terrorism, has even hinted at possible retaliation. "If some state sponsor keeps trying to get into your systems, probably for industrial espionage, are you going to go back into their system and bugger it up? We're all capable of doing these things. At the moment we wouldn't do that, but maybe this is where we need to have discussions." While the number of attacks on British interests were less than those seen in the United States, they nonetheless posed a serious threat. There had been "300 significant attacks" on the government's core computer networks in the last year, West said. "There is no doubt some state actors have sucked out huge amounts of intellectual copyright, designs to whole aero engines, things that have taken years and years of development," West told the Guardian newspaper. 

The difficulty for the security agencies is finding the absolute proof a particular state was behind such attacks. "The moment you mention a particular state, they will deny it," West said. "The problem with cyberspace is that attribution is extremely difficult. It's almost impossible to do it in terms of evidence that would be necessary in a court of law." This aside, the use of the Internet as a weapon is posing new questions. "If I went and bombed a power station in France, that would be an act of war," he said. "If I went on to the net and took out a power station, is that an act of war? One could argue that it was."

While China is probably behind many such cyberattacks, the threat could come from other quarters. Robert Mueller, FBI Director, has warned that, in addition to the danger of foreign states making cyberattacks, al-Qaeda could in the future pose a similar threat. In a speech to a security conference last week, Mueller said terrorist groups had used the Internet to recruit members and to plan attacks, but added: "Terrorists have... shown a clear interest in pursuing hacking skills and they will either train their own recruits or hire outsiders with an eye towards combining physical attacks with cyber-attacks." Lord West also warns of terror related cyberattacks. "I'm very worried they [terrorists] may start becoming cuter and try to use our connectivity to have a go at our critical infrastructure, things [that control] our services, our food [distribution] and water supply," he said. Terrorists were currently "not brilliant" at attempting this sort of attack on infrastructure, West added, but they would learn fast and "we've got to be ahead of them".

Today barely a week passes without the phrase "cyberattack" being mentioned in the news. It is a loose term, incorporating everything from criminal hacking and commercial espionage to attempts to seize control of weapon systems or sabotage national infrastructures. Britain is now treating the surge of hostile computer activity seriously enough to have established two organisations to co-ordinate, assess and expand its cyber strategy. The Office for Cyber Security (OCS), established by the Cabinet Office, was created in the autumn after a warning by intelligence chiefs that China may have acquired the ability to cripple key points of infrastructure such as telecommunications.

Whitehall departments were allegedly first targeted by Chinese hackers in 2007. Later that year Jonathan Evans, director-general of MI5, wrote to 300 chief executives warning of potential Chinese hacking attacks and data theft. In the year up to November 2009 Britain suffered 300 cyber intrusions, defined as a sophisticated attempt, successful or not, to steal data or sabotage systems, on government and military networks [Times].

Britain has joined forces with America to counter such attacks, but Europe also needs to be more assertive band join the effort. From a Chinese perspective, Europe is regarded as an increasingly divided and enfeebled entity, unable to negotiate with one voice and rapidly being overshadowed by a deepening US-China relationship. The China threat also spreads into areas other than cyberattacks. National governments, led by Britain and France, are concerned that European Commission attempts to seize control of the EU foreign service will delay its creation and allow China to continue to "divide and rule" Europe's 27 member states. The Commission is fighting hard to keep its control over EU-China negotiations on trade, economy, energy or climate change but this would jeopardise the national demands that new EEAS [European External Action Service] embassy be "much more substantial, political and joined up than now". On Brussels official warned, "If they try and take away some out our competence in these areas, we will tie the EEAS up in legal knots and delay." [Telegraph].

The economic war and the cyberwar are posing increased threats to western interests. And without concerted efforts to counter these threats, the West has much to lose. Security analysts say 20 countries, in addition to China, are actively engaged in so-called asymmetrical warfare, a term that originated with counterterrorism experts that now commonly refers to cyberattacks designed to destabilize governments. Countries engaged in this activity range from so-called friendly nations, such as the United Kingdom and Israel, to less friendly governments like North Korea, Russia, Kazakhstan, and Uzbekistan.

"There are least 100 countries with cyber espionage capabilities," warns Alan Paller, director of research at the SANS Institute, an information security and training firm. Today there are thousands of hackers working on such programs around the world, "including al Qaeda cells that are acting as training centers for hackers," he said. 

"It's been a widespread problem for some time," says University of Texas at San Antonio professor and cyber security researcher Ravinderpal Sandhu. Paller and others agree, adding that the recent Google incident, in which the Internet giant discovered e-mail and corporate sites had been extensively hacked by programmers on the Chinese mainland, represents just the tip of the iceberg. "The Chinese air force has an asymmetrical warfare division" charged with developing cyberwarfare techniques to disable governments' command and control systems, says Tom Patterson, chief security officer of security device manufacturer MagTek Inc. "They are fully staffed, fully operational and fully active. And when you aim a governmental agency that size against any company, even the size of Google, well, it's an overwhelming force," Patterson says. "It's been going on in China since at least at least May 2002, with workstations running 24 hours a day, 7 days a week," Peller says [Fox News].

On CNN last month a special programme looked at the possible repercussions of a concerted cyberattack aimed at disrupting US infrastructure. Wolf Blitzer presented the hypothetical scenario We Were Warned, Cyber Shockwave and discussed the issues with several former administration and national security officials. In the discussion that followed retired USAF General Charles F Wald said, "I think the scenario we saw today is believable." But he added, "I think we're preparing for it. I don't think we are prepared as much as we should be." As for who might initiate such an attack the panel pointed the fingers at terrorists and at certain countries. "Well, you heard it in the context of the scenario -- the Chinese and the Russians have this capability," said Francis Townsend, a White House Homeland Security Adviser from 2004 to 2008. [CNN Transcript].

Not every one is so ready to claim such an attack is either possible or imminent. Howard Schmidt, the new cybersecurity czar for the Obama administration, says "there is no cyberwar." Talking to Wired.com, Schmidt said, "I think that is a terrible metaphor and I think that is a terrible concept... there are no winners in that environment." Schmidt was speaking while attending  the RSA Security Conference in San Francisco. His stance contradicts Michael McConnell, the former director of national intelligence who made headlines last week when he testified to Congress that the country was already in the midst of a cyberwar. But within the intelligence community, Schmidt's views are in the minority. Maybe he is just keeping his cards close to his chest.

tvnewswatch, Beijing, China

No comments: