DoD Outlines China's Spying on U.S. ITAttacks Focus on Diplomatic, Economic and Defense Intelligence
A new Defense Department report directly accuses the Chinese military and government of consistently targeting the computers of governments worldwide, including the United States, to collect intelligence.
In its annual report to Congress on Chinese military and security developments in 2012, issued May 6, the Pentagon says China's intrusions focused on exfiltrating information about American diplomatic, economic and defense industry activities.
"The information targeted could potentially be used to benefit China's defense industry, high technology industries and policymaker interest in U.S. leadership thinking on key China issues," the report says.
At a briefing to address China's cybercapabilities, David Helvey, DoD deputy assistant secretary of defense for East Asia, says the Chinese army continues to develop doctrine, training and exercises that emphasize information technology and operations.
China's intensive campaign to spy on U.S. military and government computers has received much attention in the past year. Last fall, Congress held hearings about how the Chinese government could use its high-tech vendors to adapt technology sold to the U.S. to spy on computer systems [see House Panel: 2 Chinese Firms Pose IT Security Risks]. The IT security company Mandiant in February issued a scathing report detailing the activities of a Chinese military unit to spy on the United States [see 6 Types of Data Chinese Hacker Pilfer]. Top military and defense leaders, including President Obama, have said they have raised concerns about e-spying with Chinese leaders [see Obama Raises IP Theft with New China Leader].
What's significant about the new Pentagon report is the straightforward approach it takes to accuse the Chinese military of targeting critical U.S. government and military systems to strengthen its economic and military presence in the world. The report, though, doesn't identify specific systems breached, provide an assessment of the success of the intrusions or document specific methods used to hack into systems.
Also missing from the report was any mention of American activities to spy on foreign governments, including China. Gen. Keith Alexander, commander of the Cyber-Command and director of the National Security Agency, earlier this year announced plans to form offensive cyber-units aimed to attack foreign computers if necessary.
The 92-page report says the pilfered information could give Chinese military planners a picture of U.S. defense networks, logistics, and related military capabilities that could be exploited during a crisis.
"Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks," says the report, which references a Chinese 2010 Defense white paper that notes China's own concern over foreign cyber-warfare efforts and highlighted the importance of cybersecurity in China's national defense.
3 Key Areas
The DoD report identifies three key areas in which the e-spying could benefit China's cyber-warfare capabilities:
- Allow data collection for intelligence and computer network attack actions;
- Constrain an adversary's actions or slow response time by targeting network-based logistics, communications and commercial activities; and
- Serve as a force multiplier when coupled with kinetic attacks during times of crisis or conflict.
The report says China's development of cybercapabilities for warfare is consistent with authoritative Chinese military writings. According to the report, two military doctrinal writings, Science of Strategy, and Science of Campaigns, identify information warfare as integral to achieving information superiority and an effective means for countering a stronger foe. Neither document identifies the specific criteria for employing a computer network attack against an adversary, though they both advocate developing capabilities to compete in this medium.
Pentagon analysts also note China's increased diplomatic engagement and advocacy in multilateral and international forums where cyber-issues are discussed and debated. "Beijing's agenda is frequently in line with Russia's efforts to promote more international control over cyber-activities," the report says. "China and Russia continue to promote an information security code of conduct that would have governments exercise sovereign authority over the flow of information and control of content in cyberspace."
The DoD report contends both governments continue to play a disruptive role in multilateral efforts to establish transparency and confidence-building measures in international forums. "Although China has not yet agreed with the U.S. position that existing mechanisms, such as international humanitarian law, apply in cyberspace, Beijing's thinking continues to evolve," the report says.