China is well known for its global cyber espionage efforts. And while the United States has received most of the media attention given to cyber attacks, we are not the only ones dealing with this issue. India is now pointing the finger at China, claiming they have systematically launched a series of attacks on sensitive information systems and networks of Indian agencies. India rapidly responded and now has cyber-security forces down to the division-level to guard against cyber wars. But is that really enough given China’s stated ambitions?
China’s Cyber Warfare Doctrine is designed to achieve global “electronic dominance” by 2050 which would include the capability of disruption of the information infrastructure of their enemies. This doctrine includes strategies that would disrupt financial markets, military and civilian communications capabilities as well as other parts of the enemy’s critical infrastructure prior to the initiation of traditional military operations. With all the attacks that have been attributed to China, there has to be significant intelligence out there about techniques, cyber weapons and strategies that have been used in these cyber assaults. The proliferation of China’s cyber capabilities will be the topic of a Congressional hearing in DC on May 20th. This hearing will examine “China’s Proliferation Practices and the Development of its Cyber and Space Warfare Capabilities.”
Military and intelligence sources have known that Chinese cyber forces have developed these detailed plans for cyber attacks against the United States and others. It is believed that the plans for such an attack were drawn under the direction of the People’s Liberation Army (PLA).
China has a significant cyber weapons and intelligence infrastructure in place today. What is alarming is not only do they have the intent, but they have the money. Beijing has the world’s second or third largest defense budget depending on where you look for the numbers. Their military budget has been on the rise at 10 percent or more a year for over a decade. This, as well as the attacks, are evidenced by their cyber operational ability to scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems in the US, Germany, UK and India. In addition, in April 2007, Sami Saydjari, who has worked on cyber defense systems for the Pentagon since the 1980s, told Congress: “The situation is grave, with nation-states such as China developing serious offensive capabilities.”
Recent attacks on the United States and India have brought this threat to the forefront. While diplomatic efforts to address these attacks have been initiated, virtually no progress has been made, according to individuals close to the issue. The following information has been provided by Spy-Ops and represents their assessment of China’s current cyber capabilities.
China People’s Liberation Army (PLA)
Military Budget: $62 Billion USD
Global Rating in Cyber Capabilities: Number Two
Cyber Warfare Budget: $55 Million USD
Offensive Cyber Capabilities: 4.2 (1 = Low, 3 = Moderate and 5 = Significant)
Cyber Weapons Arsenal:
In Order of Threat — Large, advanced BotNet for DDos and espionage
Electromagnetic pulse weapons (non-nuclear)
Compromised counterfeit computer hardware
Compromised computer peripheral devices
Compromised counterfeit computer software
Zero-day exploitation development framework
Advanced dynamic exploitation capabilities
Wireless data communications jammers
Computer viruses and worms
Cyber data collection exploits
Computer and networks reconnaissance tools
Embedded Trojan time bombs (suspected)
Compromised microprocessors & other chips (suspected)
Cyber Weapons Capabilities Rating: Advanced
Cyber force Size: 10,000 +
Broadband Connections: More than 55 million
China’s Hacker Community: Honker Union, Red Hackers Alliance (The 5th largest hacking organization in the world.)
China’s Software Industry: In Q1 2007, the software industry RMB 96.7 billion with a year-on-year increase of 26.9%.
In Q1 2008, China recorded RMB 144.36 billion in software industry sales revenue, up sharply year-on-year.
From all this information one can only conclude that China has the intent and technological capabilities necessary to carry out a cyber attack anywhere in the world at any time. Nations around the world can no longer ignore the advanced threat that China’s cyber warfare capabilities may have today and the ones they aspire to have in the near future. Just recently Belgian justice minister, Jo Vandeurzen, claimed that attacks against the Belgian Federal Government originated from China and are most likely sanctioned by Beijing. The Belgian minister of foreign affairs, Karel De Gucht, told their parliament that his ministry is the subject of cyber-espionage by Chinese cyber agents. This is just the tip of the iceberg. Spy-Ops believes that an estimated 140 countries will be working on their cyber weapons by the end of 2008 and that in the next five years we will see countries and extremist groups jockeying for cyber supremacy.