« Previous · Home · Next »

China Identified as Source of World Cyber-Attacks

By Charlie

America has become an information society, and is dependent on a variety of networks to support day-to-day economic and social demands. Cell phone, internet, power, water, road, and flight networks are all essential to the economic engine that powers America. Many of these systems are dependent on information technology to operate, which places them in danger of being susceptible to cyber attack. Like a bomb on a bridge, malicious code uploaded to an infrastructure network could have the same disastrous effect: off-lining a critical system and causing millions of dollars of damage. Concerns over cyber terrorism have been around for years, but recently, the US and British governments identified a source of world-wide cyber attacks: China.
U.S., British officials target Chinese as source of cyberattacks

High-ranking officials in the United Kingdom and the United States have for the first time publicly identified the Chinese government as the source of cyberattacks, warning that China has penetrated both government and business networks with potentially disastrous consequences.

Jonathan Evans, director-general of MI5, the U.K.'s counterintelligence and security service, told British companies last week that they were under attack by "Chinese state organizations," The Times of London reported Saturday.

Marine Gen. James Cartwright, the vice chairman of the Joint Chefs of Staff, has portrayed the effects of large-scale Chinese-backed denial-of-service attacks against U.S systems and networks as potentially having an effect equal to "the magnitude of a weapon of mass destruction." The characterization came in a little-noticed report to Congress released by the U.S.-China Economic and Security Review Commission late last month.

Is it state supported terrorism? or an act of war?

More:


Cartwright testified before the U.S.-China Economic and Security Review Commission in March, when he was still head of the U.S. Strategic Command, which has responsibility for information operations in the Defense Department. He told the commission that China currently has a larger capability to conduct denial-of-service attacks than any other country, and such attacks have "the potential to cause cataclysmic harm if conducted against the United States on a large scale."

He testified that the Chinese are making "plans to use this type of capability in a military context." He added, "I don't think the [United States] has gotten its head around this issue yet, but I think we should start to consider that the regret factors associated with a cyberattack could, in fact, be in the magnitude of a weapon of mass destruction."

China also is "actively engaging in cyber reconnaissance" by probing the computer networks of U.S. government agencies as well as private companies, Cartwright said. The data collected from these probes, he told the commission, could be used to identify weak points in U.S. networks, discover the communications patterns of government agencies and obtain valuable information stored throughout networks.

Cyberterrorism is defined as a type of terrorism, which is defined by the Department of Defense (Dir 200.1), as The calculated use of unlawful violence, or threat of unlawful violence used to inculcate fear and intended to coerce or intimidate governments or societies in the pursuit of goals that are generally political, religious, or ideological. Cyberterrorism describes a type of “unlawful violence” i.e., computer network attack (CNA) and computer network operations (CNO). Cyberterrorism denotes a use of Electronic Attack that represents an attempt to “inculcate fear and intended to coerce or intimidate governments or societies in the pursuit of goals that are generally political, religious, or ideological.”


In military terms an electronic attack (EA) is equal to shooting a weapon at the enemy, therefore, jamming enemy communications is an act of war. Cyber-attacks, or attacks using information systems to cause disruption, are rooted in two main areas, CNA and CNO. CNO is mainly reconnaissance and intelligence gathering, exploiting enemy systems to satisfy intelligence requirements or collect data that can facilitate CNA. Terrorists and criminals (state-supported or not) could use CNO to gather information on targets, arrival and departure times, or operational information that could aid their goals. CNA is actually executing a cyber-attack on an enemy network, such as a DOS (denial of service) attack, or uploading of malicious code. This could either disrupt, or off-line the enemy system. US government agencies and private companies must take cyber-attacks into account when planning defensive strategies against terrorism. Even though China was named in the above report as a major exporter of cyber-crime, it is unlikely that this will change in the future.

December 7, 2007 05:39 AM    China

TrackBack

TrackBack URL for this entry:
http://op-for.com/mt/mt-tb.cgi/1419

Comments

FYI:

CNO which stands for Computer Network Operations, is a term that is inclusive of CND, CNE, and CNA.

CND = Computer Network Defense, nuff said.
CNE = Computer Network Exploitation is the gathering of intelligence, recon, etc, what was were called CNO in the article.

CNA = Computer Network Attack.


J "Ish", CISSP and Info Assurance Master's student UMUC

isnala   ·  December 7, 2007 07:48 AM

Russia has also participated in cyberattacks. After Estonia removed a statue of a red army soldier from a town center, Russia attacked all of estonia's government websites and IT infrastructure.

S   ·  December 7, 2007 09:18 AM

Post a comment

Potential comment conditions listed here. Oh, and you may use basic HTML for formatting.





Remember Me?

(you may use HTML tags for style)


Please enter the security code you see here