Hacking has been a rising trend within the PRC since the Internet entered the country in 1994, and on November 8th,
2012 the Chinese president officially announced, “China will speed up
full military IT applications”. China alone accounts for the largest
national population of Internet users—some 300 million, nearly one-fifth
of the global number.
Since the 1990s, many hacking groups have been
created: the Green Corps, the Hong Kong Blondes and the most famous
recent one, the Red Honker Union. They created an important hacking
culture in China. Some evidence links civilian hackers to the government
and to the State’s creation of a cyber army. Since 1998, according to
Timothy Thomas of the U.S. Foreign Military Studies Office, the Chinese
army has even recruited civilians into its ‘net militia units’ (Militia
Information Technology Battalions), the most famous being Unit
61398.
The State cyber army: unit 61398
As with everything on the Internet, it is
always difficult to prove the origin of a cyber attack. Nevertheless,
the company Mandiant has investigated China’s cyber capacity since 2004,
especially through Unit 61398, considered part of the
Communist Party of China under the Central Military Commission, in the
GSD 3rd Department (2nd Bureau). Since 2006, a
rising number of cyber attacks are believed to have come from this unit,
and most of them targeted the U.S.
The four most important sectors attacked
are: Information Technology, Transportation, High-Tech Electronics and
Financial Services. China seems to base its cyber warfare on a method
often referred to as “Acupuncture warfare”: based on attacking critical IT
nodes or pressure points, this method capitalizes on optimizing effects
on adversary vulnerabilities and follows the principle of acupuncture
practiced for medicine—identifying points that serve as “a tunnel, or
access route, to the deeper circulatory channels within”. One
application of this theory would be finding the key choke points or
supply chain vulnerabilities for an enemy’s military deployments and
influencing them by attacking the supporting civilian infrastructure.
Intents and motivation of the cyber attacks
The first reason for China’s cyber offensive is to gain increased military knowledge through cyber espionage.
China also has an interest in accelerating its military development
since it is still behind the West, especially the U.S., which often has the
lead in new military technology. Several cyber attacks can be cited
as examples, the most famous being “Titan Rain” in 2007: a massive
cyber attack against United States defence contractor computer networks
(10 to 20 terabytes, including Lockheed Martin and NASA) believed to
come from China. Furthermore, numerous attackers originating in China
have been accused of infiltrating government computers of numerous
countries: the United States, Britain, France, Germany, South Korea, and
Taiwan.
A second motivation is to make economic
gains by stealing technological processes. China’s general technological
level is also behind that of the United States, which gives it an
increased incentive for industrial espionage in order to achieve
economic advantage. Numerous attacks believed to come from China
support this theory, such as the theft of data from U.S. network security
company RSA Security in 2011. Moreover, in December 2007, the
director-general of the British Security Service (MI5) informed 300
major UK companies that they were under constant attack from “Chinese
state organisations”.
One last reason for China to use
cyber offensives is to deter other States by infiltrating their critical
infrastructure. It puts the other States on notice that any
technological edge they believe they enjoy will not be functional in a
conflict with China. It also reminds China’s restive domestic audience
that unfettered technological advancement alone does not bring security. Deterrence
and possible military actions for this purpose could include launching probes
to identify vulnerabilities that could be exploited in armed conflict.
Two main examples are Operation Aurora in 2009, in which the
U.S. company Google’s source code was stolen, and the
denial-of-service attack on the White House website in 1999 after the U.S.
attacked the Chinese Embassy.
The characteristics of cyber warfare
- Anonymous: China has an interest in avoiding exposure to political and military pressure from the West and the United States. Chinese embassy representative Geng Shuang maintains that the allegations against China are groundless, stating: “The Chinese government prohibits online criminal offenses of all forms, including cyber attacks, and has done what it can to combat such activities in accordance with Chinese law.” The Chinese Defense Ministry in January 2013 stated, “It is unprofessional and groundless to accuse the Chinese military of launching cyber attacks without any conclusive evidence.” Here lies a paradox with one of China’s reasons for cyber offensives: anonymity prevents any possible deterrence. China has to find the equilibrium between being anonymous to avoid exposure and being famous to create deterrence.
- Cheap: cyber weapons are cheap to build and to use.
- Diverse: cyber weapons can target multiple types of system.
- Timeframe: cyber weapons can act quickly and against multiple targets at the same time.
- Flexible: unlike nukes, a virus or any type of cyber weapon can be used multiple times.
In keeping with Sun Tzu’s spirit of the
need for information, China focuses on cyber capabilities as part of its
strategy of national asymmetric warfare. The Chinese
military and their civilian overseers have hit upon a military strategy
that aims all at once to close the gap between U.S. and Chinese
technological-military prowess. Hence, China considers the cyber domain
to be a battle arena.