The Chinese military possesses dangerous first-strike cyberwar capabilities that include special units charged with developing viruses to attack enemy computer networks, a U.S. Department of Defense (DoD) report has warned.
“The PLA [People’s Liberation Army] has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks,” the Pentagon’s annual report to Congress on China’s military power said.
“In 2005, the PLA began to incorporate offensive CNO [computer network operations] into its exercises, primarily in first strikes against enemy networks.”
The report shows how the Chinese military’s thinking on information warfare has changed in recent years, says Andrew Macpherson, director of the technical analysis group at the University of New Hampshire’s Justiceworks and a research assistant professor of Justice Studies.
Macpherson, a cybercrime and cyberwar researcher whose group debuted a Cyber Threat Calculator in January at a DoD cybercrime conference, noted that as recently as two years ago, other editions of the report stressed China’s investments in defensive measures.
“The Chinese were a lot more concerned about our viruses because they were using off-the-shelf [Western] software,” Macpherson said. “Now there’s no mention of that, and much more of the discussion is about first-strike capabilities.”
Even though the report’s short section on information warfare is necessarily vague, “it’s a good window into what our government is seeing from China,” says Macpherson. “It’s the highest level of unclassified American thought on China’s capabilities and how they would use them.”
Most analysts have pointed to Taiwan, the island nation that the People’s Republic of China (PRC) views as a rogue province, as the location of any possible first strike by the PLA, cyberwarfare or otherwise. “Taiwan is their primary national security issue,” notes Macpherson.
The DoD report puts it into perspective. “A limited military campaign could include computer network attacks against Taiwan’s political, military and economic infrastructure to undermine the Taiwan population’s confidence in its leadership.”
China’s work with viruses dates back to at least the late 1990s, when a PLA exercise featured both network attacks and virus-killing software, according to Timothy Thomas of the Foreign Military Studies Office at Fort Leavenworth, in a paper written in 2000.
In that paper , Thomas also spelled out how the information revolution had given new life to Mao Zedong’s 70-year-old theories of a people’s war. Thomas pointed to a 1999 “network battle” fought between Chinese and American hackers after the U.S. bombed the Chinese embassy in Belgrade as an example.
If the circumstances were right, says Macpherson, China might be willing to unplug from the Internet and attack the Web as a whole. But the Communist country needn’t strike first to have an impact, he adds. “Long-term attacks can work too. They can get access to intellectual property, and publish it. Or taint data so that [one] couldn’t be sure that backups were reliable.”
China’s Foreign Ministry has criticized the DoD report, but did not mention cyberwarfare specifically. Spokesperson Jiang Yu said in a statement the U.S. “continues to spread myth of the ‘China Threat’ by exaggerating China’s military strength and expenses out of ulterior motives.
“As a peace-loving country, China steadfastly follows a road of peaceful development, adopting a national defence policy that is defensive in nature,” she added.
Jiang also reiterated China’s policy on Taiwan . “We will never tolerate the ‘Taiwan Independence’ or any attempt by anyone to separate Taiwan from China by whatever means.” Jiang also called on the U.S. to stop arms sales to Taiwan and end military ties with the island.
Related content:
Cyber crisis test sends Feds back to security school
Security on her mind: Interview with Julie Spallin, CCIRC manager
The state of security and emergency services in Canada
U.S. lacks cybersecurity leadership, say lawmakers