Cyberwarfare in China

From Wikipedia, the free encyclopedia
Jump to: navigation, search

The nature of cyberwarfare in China is difficult to assess. Government officials in India and the United States have traced various attacks on corporate and infrastructure computer systems in their countries to computers in China. However, "It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace."[1][2] China has denied accusations of cyberwarfare,[3] and has accused the United States of engaging in cyberwarfare against it, which the US government denies.[4][5][6][7][8][9][10] A number of private computer security firms have stated that they have growing evidence of cyber-espionage efforts originating from China, including the "Comment Group".[11] In May 2014 a Federal Grand Jury in the United States indicted five PLA Unit 61398 officers on charges of theft of confidential business information from U.S. commercial firms and planting malware on their computers.[12][13]

According to former United States National Security Agency contractor Edward Snowden, the NSA has conducted espionage on Chinese universities, businesses and politicians since 2009. Chinese targets included hundreds of organizations and individuals, including the Chinese University of Hong Kong, and were among the 61,000 of hacker attacks carried out by the United States globally.[14][15][16]


Washington, D.C.-based analyst James Mulvenon says that the organization of Chinese operations in cyberwarfare is very clandestine and decentralised, organized around a constantly changing hybrid of official, civilian, and semi-civilian groups.[17] Nationalist groups, he says, such as "patriotic hacker associations", are often used as "foot soldiers" or "proxies".[17]

While China has long been suspected of cyber spying, on May 24, 2011 the People's Liberation Army announced the existence of their cyber security squad.[18]

By nation[edit]


In May 2013, ABC News claimed that China hacked plans for the headquarters of the Australian Security Intelligence Organisation.[19]


Officials in the Canadian government claim that Chinese hackers have compromised several departments within the federal government in early 2011, though the Chinese government has refused involvement.[20]

Canada's Chief Information Officer claims that Chinese hackers compromised computer systems within the National Research Council in 2014.[21]


Officials in the Indian government have alleged that attacks on Indian government networks, such as that of the Indian National Security Council, have originated in China. According to the government, Chinese hackers are experts in operating botnets.[22]

United States[edit]

The United States has accused China of implementing cyberwarfare and cyberespionage against American interests, accessing the networks of important military, commercial, research, and industrial organisations. A Congress advisory group has declared China "the single greatest risk to the security of American technologies"[23] and that "there has been a marked increase in cyber intrusions originating in China and targeting U.S. government and defense-related computer systems".[23] According to the Washington Post, China allegedly manipulates security exploits existing in websites, sending out hijacked email attachments with malicious software. Intrusion is especially worrying since the intruder can control the hijacked computer from a remote location, with the ability to steal important files, monitor the user's activity, and read the user's email.[24] Users are typically unaware that they are being spied; the infected attachment is disguised as a mundane topic from a familiar contact, fooling the user into unwittingly setting off a program that silently infects the person's computer.[25] Traces of the malware are hidden by rootkits, which prevent the person from being aware that data is being stolen.[25]

In January 2010, Google reported on targeted attacks on its corporate infrastructure originating from China "that resulted in the theft of intellectual property from Google". Apparently, the Gmail accounts of two human rights activists were compromised in the raid on Google's password system.[26] American security experts connected the Google attack to various other political and corporate espionage efforts originating from China, including espionage against military, commercial, research, and industrial corporations. Obama administration officials have called the cyberattacks "an increasingly serious cyber threat to US critical industries".[24]

In addition to Google, at least 34 companies have been attacked. Reported cases include Northrop Grumman, Symantec, Yahoo, Dow Chemical, and Adobe Systems.[27] Cyberespionage has been aimed at both commercial and military interests, especially areas in which China lags. Technology companies have claimed that China has sought out source code,[28] along with general information on weapon systems, to develop the software that China needs in both its economic and military pursuits. The source code was stolen using vulnerabilities found in Adobe Reader, which the hackers used to spread malicious software.[28] Chinese cyberattacks have emphasized what senior US Government officials have said is an increasingly serious cyber threat to US critical industries.

China has denied accusations of cyberwarfare,[3] and has accused the United States of engaging in cyberwarfare against it, accusations which the United States denies.[4] Wang Baodong of the Chinese Embassy in the United States responded that the accusations are a result of sinophobic paranoia.[3] He states that, "China would never do anything to harm sovereignty or security of other countries. In conformity with such national policies, the Chinese government has never employed, nor will it employ so-called civilian hackers in collecting information or intelligence of other countries. Allegations against China in this respect are totally unwarranted, which only reflect the dark mentality of certain people who always regard China as a threat."[3] Amitai Etzioni of the Institute for Communitarian Policy Studies has suggested that cyberspace could be a fruitful realm for the United States and China to implement a policy of mutually assured restraint. This would involve allowing both states to take the measures they deem necessary for their self-defense while simultaneously agreeing to refrain from taking offensive steps; it would also entail vetting these commitments.[29]

Diplomatic cables highlight US concerns that China is using access to Microsoft source code and 'harvesting the talents of its private sector' to boost its offensive and defensive capabilities.[30]

As of March 2013, high level discussions continued.[31]

In September 2014, Senate Armed Services Committee's probe found : Hackers associated with the Chinese government have repeatedly infiltrated the computer systems of U.S. airlines, technology companies and other contractors involved in the movement of U.S. troops and military equipment.[32] In October 2014, The U.S. Federal Bureau of Investigation said that hackers it believes to be backed by the Chinese government have recently launched attacks on U.S. companies.[33]


Although the vast majority of experts have concluded that the Stuxnet virus targeting Iran originated from Israel,[34][35][36] which is known to engage in cyberwarfare, American cyberwarfare expert Jeffrey Carr has implicated China as one of the possible states where Stuxnet could have originated. His rationale is that the countries Stuxnet targeted happened to be rich in resources such as copper, gold, and iron ore, that are especially important for China in a period of high economic growth.[37] However, China has also been a victim of the Stuxnet virus. The virus has reportedly infected millions of computers in the nation, wreaking much havoc, because the virus can control industrial machinery.[38]

IP hijacking[edit]

In late November 2010, a U.S. Defense Department spokesman said the department was aware that Internet traffic was rerouted briefly through China earlier in the year. The United States-China Economic and Security Review Commission charged in its annual report that state-owned China Telecom advertised erroneous network routes that instructed "massive volumes" of U.S. and other foreign Internet traffic to go through Chinese servers during an 18-minute stretch on April 8. China's Foreign Ministry condemned the commission's report, while China Telecom separately denied the charge that it "hijacked" U.S. Internet traffic.[39]

See also[edit]


  1. ^ Gorman, Siobhan (April 8, 2009). "Electricity Grid in U.S. Penetrated By Spies". The Wall Street Journal. Retrieved November 2, 2010. 
  2. ^ "Power Grid Penetrated?". Fox News. 
  3. ^ a b c d "China's Response to BusinessWeek". BusinessWeek. April 10, 2008. Retrieved February 12, 2013. 
  4. ^ a b Zetter, Kim (January 25, 2010). "China Accuses US of Cyberwarfare". Wired. Retrieved October 23, 2010. 
  5. ^ Nakashima, Ellen, "Report on ‘Operation Shady RAT’ identifies widespread cyber-spying", Washington Post, August 3, 2011.
  6. ^ Anderlini, Jamil (January 15, 2010). "The Chinese dissident’s ‘unknown visitors’". Financial Times. 
  7. ^ "China Denies Role in Reported Government of Canada Hack". PCWorld. February 17, 2011. Retrieved February 17, 2011. 
  8. ^ Macartney, Jane (December 5, 2007). "China hits back at 'slanderous and prejudiced' alert over cyber spies". The Times (London). Retrieved April 7, 2008. 
  9. ^ Barnes, Julian E. (March 4, 2008). "China's computer hacking worries Pentagon". Los Angeles Times. Archived from the original on March 10, 2008. Retrieved March 4, 2008. 
  10. ^ Brookes, Peter (March 13, 2008). "Flashpoint: The Cyber Challenge: Cyber attacks are growing in number and sophistication". Family Security Matters. Retrieved April 7, 2008. 
  11. ^ Riley, Michael, and Dune Lawrence, "Hackers Linked to China’s Army Seen From EU to D.C.", Bloomberg L.P., 27 July 2012
  12. ^ Finkle, J., Menn, J., Viswanatha, J. U.S. accuses China of cyber spying on American companies. Reuters, Mon May 19, 2014 6:04pm EDT.
  13. ^ Clayton, M. US indicts five in China's secret 'Unit 61398' for cyber-spying. Christian Science Monitor, May 19, 2014
  14. ^ Warren, Lydia (June 12, 2013). "NSA whistleblower Edward Snowden says U.S. government has been hacking Chinese universities, businesses and politicians for FOUR YEARS as he finally breaks cover". Daily Mail (London). 
  15. ^
  16. ^ "Snowden says U.S. hacking targets China; NSA points to thwarted attacks". The Japan Times. 
  17. ^ a b Elegant, Simon (November 18, 2009). "Cyberwarfare: The Issue China Won't Touch". Time Magazine. Retrieved October 25, 2010. 
  18. ^ Beech, Hannah. "Meet China's Newest Soldiers: An Online Blue Army." Time Magazine, May 27, 2011.
  19. ^ "George Brandis briefed by ASIO on claims China stole classified blueprints of Canberra headquarters". ABC News. 
  20. ^ "Foreign hackers attack Canadian government". CBC. February 16, 2011. Retrieved February 17, 2011. 
  21. ^ "Chinese cyberattack hits Canada's National Research Council". CBC. July 29, 2014. Retrieved July 29, 2014. 
  22. ^ "China mounts cyber attacks on Indian sites". Times of India (India). May 5, 2008. Retrieved October 25, 2010. 
  23. ^ a b Claburn, Thomas. "China Cyber Espionage Threatens U.S., Report Says". InformationWeek. Retrieved November 1, 2010. 
  24. ^ a b Cha, Ariana Eunjung and Ellen Nakashima, "Google China cyberattack part of vast espionage campaign, experts say," The Washington Post, January 14, 2010.
  25. ^ a b McMillan, Robert. "Report Says China Ready for Cyber-war, Espionage". PC World. Retrieved November 1, 2010. 
  26. ^ "Google cyberattack hit password system" NY Times, Reuters, April 19, 2010.
  27. ^ Jacobs, Andrew; Helft, Miguel (January 12, 2010). "Google, Citing Attack, Threatens to Exit China". The New York Times. Retrieved November 1, 2010. 
  28. ^ a b Zetter, Kim (January 13, 2010). "Google Hackers Targeted Source Code of More Than 30 Companies". Wired. Retrieved November 1, 2010. [dead link]
  29. ^ Etzioni, Amitai, "MAR: A Model for US-China Relations," The Diplomat, September 20, 2013, [1].
  30. ^ "US embassy cables: China uses access to Microsoft source code to help plot cyber warfare, US fears". The Guardian (London). December 4, 2010. Retrieved December 31, 2010. 
  31. ^ U.S. Presses on Cyberthreats; In Beijing, Treasury Secretary Frames Issue as a Top Priority in Ties With China March 20, 2013 Wall Street Journal
  32. ^ Chinese hacked U.S. military contractors, Senate panel finds September 18, 2014
  33. ^ FBI warns U.S. businesses of cyber attacks, blames Beijing October 16, 2014
  34. ^ Halliday, Josh (September 24, 2010). "Stuxnet worm is the 'work of a national government agency'". The Guardian (London). Retrieved September 27, 2010. 
  35. ^ Hounshell, Blake (September 27, 2010). "6 mysteries about Stuxnet". Foreign Policy. Retrieved September 28, 2010. 
  36. ^ "The Stuxnet worm: A cyber-missile aimed at Iran?". The Economist. September 24, 2010. Retrieved September 28, 2010. 
  37. ^ Miks, Jason. "Was China Behind Stuxnet?". The Diplomat. Retrieved October 25, 2010. 
  38. ^ "Stuxnet 'cyber superweapon' moves to China". Yahoo! News. Retrieved October 25, 2010. 
  39. ^ Wolf, Jim (November 19, 2010). "Pentagon says "aware" of China Internet rerouting". Reuters. Retrieved November 26, 2010.