Putting Chinese cyber espionage in perspective
Tuesday, 19 January 2010 21:02

Last Tuesday Google announced that they had been hacked by sources in China. The target was email accounts of Chinese activists and bloggers.  An outraged Google threatened to discontinue censoring search results at the Google China search engine google.cn.   Yahoo chimed in in support of Google. Yahoo of course is another Internet company with a history of bowing to Chinese requests including providing information that led to the arrest and imprisonment of Shi Tao, a Chinese journalist who still has four years of his sentence to serve.  
According to the New York Times

“Several human rights advocates in China said last week that their Gmail accounts had been compromised, among them Ai Weiwei, an artist, and Teng Biao, a lawyer.”

In addition, two foreign journalists, one from the Associated Press, claim their gmail accounts were compromised.

Google claims they found evidence of attacks on 33 companies.  Some of these have acknowledged the attacks: Yahoo, Symantec, Northrup Grumman, Dow Chemical, a law firm involved in suing China, Adobe, and even India has gone public with accusations that China has been hacking them.
Chinese cyber espionage should come as no surprise.  A historical perspective is needed to understand how these attacks against Google and others are merely an extension of spying activity that has been documented at least since 2001.
There is a group of foreign intelligence analysts whose job it is to keep an eye on China and interpret what is going on there. Since 2001 these analysts have devoted their efforts to understanding China’s thinking on modern warfare and, in particular, Information Warfare. The body of knowledge they have to work with is extensive and surprising in the level of logic and careful consideration that China’s military theoreticians have applied to what they call the Revolution in Military Affairs (RMA).

Let’s go back a couple of thousand years and examine Sun Tsu’s original treatise on The Art of War. In his book The Craft of Intelligence Allen W. Dulles, father of the CIA, writes:

“To Sun Tsu belongs the credit not only for the first remarkable analysis of the ways of espionage but also for the first written recommendations regarding an organized intelligence service. He points out that the master of intelligence will employ all five kinds of agents simultaneously; he calls this the “Divine Skein.” The analogy is to a fishnet consisting of many strands all joined to a single cord. He comments on counter-intelligence, on psychological warfare, on deception, on security, on fabricators, in short, on the whole craft of intelligence.”

Indeed, Sun Tzu devoted a separate section of The Art of War to the employment of spies. Dulles then says:

“It is no wonder that Sun Tzu’s book is a favorite of Mao-Tse-tung and is required reading for Chinese Communist tacticians. In their conduct of military campaigns and of intelligence collection, they clearly put into practice the teachings of Sun Tzu,”

This from the man in charge of the United States’ intelligence operations during the Cold War when China and the USSR were his primary adversaries.
In his 2004 paper “Sun Tzu’s Strategic Thought and Its Inspiration for Informationized Warfare” presented at the Sixth International Seminar on Sun Tzu’s Art of War, Chai Yuqui of the Nanjiing Army Command Academy called Sun Tzu a grand strategist without parallel in history. (Virtual Dragon p333)
Chinese theoreticians have been considering the implications of Information warfare for two decades. Look at the titles of some of their research:

  • Wang Qingsong, Modern Military-Use High Technology, 1993
  • Zhu Youwen, Feng Yi,and Xu Dechi, Information War Under High Tech Conditions1994
  • Li Qingshan, New Military Revolution and High Tech War, 1995
  • Wang Pufeng, Information Warfare and the Revolution in Military Affairs, Beijing: 1995;
  • Zhu Xiaoli and Zhao Xiaozhuo, The United States and Russia in the New Military Revolution, 1996;
  • Li Qingshan, New Military Revolution and High Tech War, 1995
  • Dai Shenglong and Shen Fuzhen, Information Warfare and Information Security Strategy, 1996
  • Shen Weiguang, On New War, 1997

According to China analyst Timothy L. Thomas (author of Decoding the Virtual Dragon, a publication of the US Army’s Foreign Military Studies Office), Dr. Shen Weiguang is known in China as the father of Information Warfare (IW) theory. Also in 1995, Shen wrote an introductory article on IW for the PLA Daily Newspaper. In it Shen states that the main target of IW is the enemy’s cognitive and trust systems and the goal is to exert control over his actions.

Thomas discovered more interesting thinking in a 2004 article by General Xu Xiaoyan, the former head of the Communications Department of the Chinese General Staff. Xu dissects the realm of Information Warfare. At the granular level he points out the need for:

“Network confrontation technology—intercepting, utilizing, corrupting, and damaging the enemy’s information and using false information, viruses, and other means to sabotage normal information system functions through computer networks.” (Virtual Dragon p. 66)

Thomas goes on to offer the following observations:

“If Xu’s suggestions were accepted, then one might expect to see more active reconnaissance and intelligence activities on the part of the PLA (as seems to be occurring!)”

That exclamation point is Thomas’s and written after Titan Rain(2004) but before the GhostNet report on Chinese hacking of the Dalai Lama’s network (2009). 

China is engaging in systematic industrial and military espionage via the Internet.  Do not be surprised as more and more organizations announce that they too have been targets.  For that matter, do you know if your own organization has been the victim of Chinese cyber spying?

Add New Search
Anonymous   |208.51.101.xxx |2010-01-25 14:28:44
If we take away all the propaganda from many of the comments, I'm wondering
the following:

"Some of these have acknowledged the attacks: Yahoo, Symantec, Northrup
Grumman, Dow Chemical, a law firm involved in suing China, Adobe, and
even India has gone public with accusations that China has been
hacking them.

The attacks that recently occurred on Google stemmed from
compromised machines using IE6. You mean to tell me that Symantec,
Northrup and others were still using IE6. That would mean those
machines didn't have the appropriate patches on them taking them well out
of mandatory compliance (GBLA, SOX, PCI, etc). Whose to blame at the
end of the day other than the administrators at those companies.

Let's get
real shall we?

Forget Blaming Microsoft or Google – Blame Yourself
Anonymous   |216.54.68.xxx |2010-01-27 08:22:36
These attacks are not new and are mapped out in the 1999 book "Unrestricted
Warfare". Please take a look.

Unrestricted Warfare, by Qiao Liang and
Wang Xiangsui (Beijing: PLA Literature and Arts Publishing House, February 1999)


Chesapeake, VA
cheap calls to China  - Let's get real?   |178.16.130.xxx |2010-11-16 13:26:25
Ok people,
there's been a hackers attack on Google... so what ? Thousands of
sites get hacked every day and no one complains
so what's the big deal ?
Dave T   |70.161.20.xxx |2010-11-29 12:25:32
I think some perspective is necessary here. I find it amusing that we like to
point fingers, b@#ch and moan and generally cry foul when our government is
just as guilty as the Chinese in this respect. These corporations have proven,
especially yahoo, that they will sell any of us out to make a buck. This atitude
pervades our entire country. I have to ask myself would China really want to
cause it's biggest customer any lasting harm. The customer that SUPPORTS
probably a third of it's economy. If we really wanted to make china toe the line
all we have to do is stop buying their crap. Seems simple but our two economies
are so bound together we might as well be part of the same country. This has
become a long winded rant so I will end with a quote, "Patriotism is the
virtue of the vicious." Oscar Wilde
[b] [i] [u] [url] [quote] [code] [img] 
Please input the anti-spam code that you can read in the image.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."