Chinese cyberwarfare
China is both the world's second-largest economy and a nuclear weapons state with the world's second-largest defense budget. Chinese Information Operations and Information Warfare includes the concept of “network warfare”, which is roughly analogous to the United States concept of cyber-warfare.[1] Foreign Policy magazine provided an estimated range for China's "hacker army" personnel, anywhere from 50,000 to 100,000 individuals.[2]
Western countries have long accused China of aggressive espionage,[3][4][5] and while investigations have traced various attacks on corporate and infrastructure computer systems to have originated in China, "it is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace."[6][7] China has denied these accusations of cyber-warfare[8] and has, in turn, accused the United States of engaging in cyber-warfare against China - a claim the US government denies.[9][10][11][12][13]
Organization
While some details remain unconfirmed, it is understood that China organizes its resources as follows:
- “Specialized military network warfare forces” (Chinese: 军队专业网络战力量) - Military units specialized in network attack and defense.
- "PLA - authorized forces” (授权力量) - network warfare specialists in the Ministry of State Security (MSS) and the Ministry of Public Security (MPS).
- “Non-governmental forces” (民间力量) - civilian and semi-civilian groups that spontaneously engage in network attack and defense.[14]
In response to claims that Chinese universities, businesses, and politicians have been subject to cyber espionage by the United States National Security Agency since 2009,[15][16] the PLA announced a cyber security squad in May 2011 to defend their own networks.[17]
Accusations of espionage
Organizations, companies, and governments in multiple countries have alleged incidents of hacking or espionage committed by China.
Australia
In May 2013, ABC News claimed that China stole blueprints to the headquarters of the Australian Security Intelligence Organisation.[18]
Canada
Officials in the Canadian government claimed that Chinese hackers compromised several departments within the federal government in early 2011, though the Chinese government has denied involvement.[19]
In 2014, Canada's Chief Information Officer claimed that Chinese hackers compromised computer systems within the National Research Council.[20]
India
Officials in the Indian government believe that attacks on Indian government networks, such as the attack on the Indian National Security Council, have originated from China. According to the Indian government, Chinese hackers are experts in operating botnets, of which were used in these attacks.[21]
Additionally, other instances of Chinese cyberattacks against India's cyberspace have been reported in multitude.[22]
United States
The United States of America has accused China of cyberwarfare attacks that targeted the networks of important American military, commercial, research, and industrial organisations. A Congressional advisory group has declared China "the single greatest risk to the security of American technologies"[23] and "there has been a marked increase in cyber intrusions originating in China and targeting U.S. government and defense-related computer systems".[23][24][25]
In January 2010, Google reported targeted attacks on its corporate infrastructure originating from China "that resulted in the theft of intellectual property from Google." Gmail accounts belonging to two human rights activists were compromised in an attack on Google's password system.[26] American security experts connected the Google attack to various other political and corporate espionage efforts originating from China, which included spying against military, commercial, research, and industrial corporations. Obama administration officials called the cyberattacks "an increasingly serious cyber threat to US critical industries." [24]
In addition to Google, at least 34 other companies have been attacked. Reported cases include Northrop Grumman, Symantec, Yahoo, Dow Chemical, and Adobe Systems.[27] Cyber-espionage has been aimed at both commercial and military interests.[28]
Diplomatic cables highlight US concerns that China is exploiting its access to Microsoft source code to boost its offensive and defensive capabilities.[29]
A number of private computer security firms have stated that they have growing evidence of cyber-espionage efforts originating from China, including the "Comment Group".[30]
China has denied accusations of cyberwarfare,[8] and has accused the United States of engaging in cyber-warfare against it, accusations which the United States denies.[9] Wang Baodong of the Chinese Embassy in the United States responded that the accusations are a result of Sinophobic paranoia.[8] He states that "China would never do anything to harm the sovereignty or security of other countries. In conformity with such national policies, the Chinese government has never employed, nor will it employ so-called civilian hackers in collecting information or intelligence of other countries. Allegations against China in this respect are unwarranted, which only reflect the dark mentality of certain people who always regard China as a threat."[8]
During March 2013, high-level discussions continued.[31]
In May 2014, a Federal Grand Jury in the United States indicted five PLA Unit 61398 officers on charges of theft of confidential business information from U.S. commercial firms and planting malware on their computers.[32][33]
In September 2014, a Senate Armed Services Committee probe revealed hackers associated with the Chinese government committing various intrusions of computer systems belonging to U.S. airlines, technology companies and other contractors involved with the movement of U.S. troops and military equipment,[34] and in October 2014, The FBI added that hackers, who they believe to be backed by the Chinese government, have recently launched attacks on U.S. companies.[35]
In 2015, the U.S Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting the records of as many as 21.5 million people.[36] The Washington Post reported that the attack came from China, citing unnamed government officials.[37] FBI director James Comey explained "it is a very big deal from a national security perspective and a counterintelligence perspective. It's a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government."[38]
In 2019, a study showed continued attacks on the US Navy and its industrial partners.[39]
In February 2020, a US federal grand jury charged four members of China's People's Liberation Army with the 2017 Equifax hack.[40] The official account of FBI stated on Twitter that they played a role in "one of the largest thefts of personally identifiable information by state-sponsored hackers ever recorded", involving "145 million Americans".[41]
The Voice of America reported in April 2020 that "U.S. intelligence agencies concluded the Chinese hackers meddled in both the 2016 and 2018 elections" and "there have already been signs that China-allied hackers have engaged in so-called "spear-phishing" attacks on American political targets" ahead of the 2020 United States elections.[42]
Taiwan
Comparing the semiconductor industry in China and Taiwan today, Taiwan is the leader in terms of overall competitiveness. On 6 August 2020, Wired, which is a monthly American magazine, published a report. In this report, it stated that “Taiwan has faced existential conflict with China for its entire existence and has been targeted by China's state-sponsored hackers for years. But an investigation by one Taiwanese security firm has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry.” [43]
Vatican
In 2020 Chinese hackers (supposedly part of the Chinese communist party, RedDelta[44]) hacked the Vatican's network.
IP hijacking
During 18 minutes on April 8, 2010, state-owned China Telecom advertised erroneous network routes that instructed "massive volumes" of U.S. and other foreign Internet traffic to go through Chinese servers. A US Defense Department spokesman told reporters that he did not know if "we've determined whether that particular incident ... was done with some malicious intent or not" and China Telecom denied the charge that it "hijacked" U.S. Internet traffic.[45]
See also
- 2011 Canadian government hackings
- Beijing–Washington cyber hotline
- Chinese intelligence activity abroad
- Cyberwarfare by Russia
- Death of Shane Todd
- GhostNet
- Google China
- Honker Union
- Operation Aurora
- Operation Shady RAT
- Titan Rain
- People's Liberation Army Strategic Support Force
- PLA Unit 61398
- Red Apollo
References
- "China’s Evolving Perspectives on Network Warfare: Lessons from the Science of Military Strategy" Archived December 8, 2015, at the Wayback Machine, April 16, 2015, Joe McReynolds, jamestown.org
- "China's Hacker Army Archived March 9, 2017, at the Wayback Machine". Foreign Policy.
- Gorman, Siobhan (April 8, 2009). "Electricity Grid in U.S. Penetrated By Spies". The Wall Street Journal. Archived from the original on June 25, 2018. Retrieved April 1, 2011.
- Power Grid Penetrated?. Fox News Channel. December 22, 2009. Retrieved April 1, 2011.
- Krekel, Bryan (2009), Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation (PDF), Northrop Grumman, archived from the original (PDF) on February 3, 2011
- Gorman, Siobhan (April 8, 2009). "Electricity Grid in U.S. Penetrated By Spies". The Wall Street Journal. Archived from the original on June 25, 2018. Retrieved November 2, 2010.
- "Power Grid Penetrated?". Fox News. Archived from the original on August 30, 2020. Retrieved August 30, 2020.
- "China's Response to BusinessWeek". BusinessWeek. April 10, 2008. Archived from the original on October 25, 2012. Retrieved February 12, 2013.
- Zetter, Kim (January 25, 2010). "China Accuses US of Cyberwarfare". Wired. Archived from the original on December 28, 2010. Retrieved October 23, 2010.
- Nakashima, Ellen, "Report on ‘Operation Shady RAT’ identifies widespread cyber-spying Archived April 24, 2020, at the Wayback Machine", The Washington Post, August 3, 2011.
- Anderlini, Jamil (January 15, 2010). "The Chinese dissident's 'unknown visitors'". Financial Times. Archived from the original on September 10, 2010. Retrieved August 3, 2011.
- Barnes, Julian E. (March 4, 2008). "China's computer hacking worries Pentagon". Los Angeles Times. Archived from the original on March 10, 2008. Retrieved March 4, 2008.
- Brookes, Peter (March 13, 2008). "Flashpoint: The Cyber Challenge: Cyber attacks are growing in number and sophistication". Family Security Matters. Archived from the original on March 29, 2008. Retrieved April 7, 2008.
- Elegant, Simon (November 18, 2009). "Cyberwarfare: The Issue China Won't Touch". Time Magazine. Archived from the original on October 24, 2010. Retrieved October 25, 2010.
- "Archived copy". Archived from the original on March 6, 2019. Retrieved August 26, 2017.CS1 maint: archived copy as title (link)
- "Snowden says U.S. hacking targets China; NSA points to thwarted attacks". The Japan Times. June 14, 2013. Archived from the original on June 15, 2013. Retrieved June 13, 2013.
- Beech, Hannah. "Meet China's Newest Soldiers: An Online Blue Army." Archived May 27, 2011, at the Wayback Machine Time, 27 May 2011.
- "George Brandis briefed by ASIO on claims China stole classified blueprints of Canberra headquarters". ABC News. May 29, 2013. Archived from the original on May 30, 2013. Retrieved May 29, 2013.
- "Foreign hackers attack Canadian government". CBC. February 16, 2011. Archived from the original on February 18, 2011. Retrieved February 17, 2011.
- "Chinese cyberattack hits Canada's National Research Council". CBC. July 29, 2014. Archived from the original on July 29, 2014. Retrieved July 29, 2014.
- "China mounts cyber attacks on Indian sites". Times of India. India. May 5, 2008. Archived from the original on August 26, 2011. Retrieved October 25, 2010.
- "'നിശബ്ദ യുദ്ധ'ത്തിന് പിന്നിൽ ചൈന; ടാർഗറ്റ് ഇന്ത്യയും അമേരിക്കയും". ManoramaOnline. Archived from the original on June 6, 2018. Retrieved June 6, 2018.
- Claburn, Thomas. "China Cyber Espionage Threatens U.S., Report Says". InformationWeek. Archived from the original on February 27, 2010. Retrieved November 1, 2010.
- Cha, Ariana Eunjung and Ellen Nakashima, "Google China cyberattack part of vast espionage campaign, experts say," The Washington Post, January 14, 2010.
- McMillan, Robert (October 23, 2009). "Report Says China Ready for Cyber-war, Espionage". PC World. Archived from the original on April 2, 2010. Retrieved November 1, 2010.
- "Google cyber attack hit password system" NY Times, Reuters, April 19, 2010.
- Jacobs, Andrew; Helft, Miguel (January 12, 2010). "Google, Citing Attack, Threatens to Exit China". The New York Times. Archived from the original on March 17, 2014. Retrieved November 1, 2010.
- Zetter, Kim (January 13, 2010). "Google Hackers Targeted Source Code of More Than 30 Companies". Wired. Archived from the original on September 18, 2010. Retrieved November 1, 2010.
- "US embassy cables: China uses access to Microsoft source code to help plot cyber warfare, US fears". The Guardian. London. December 4, 2010. Archived from the original on October 8, 2014. Retrieved December 31, 2010.
- Riley, Michael, and Dune Lawrence, "Hackers Linked to China’s Army Seen From EU to D.C. Archived January 11, 2015, at the Wayback Machine", Bloomberg L.P., 27 July 2012
- The U.S. Presses on Cyberthreats; In Beijing, Treasury Secretary Frames Issue as a Top Priority in Ties With China Archived May 18, 2017, at the Wayback Machine March 20, 2013 The Wall Street Journal
- Finkle, J., Menn, J., Viswanatha, J. U.S. accuses China of cyber spying on American companies. Archived October 6, 2014, at the Wayback Machine Reuters, Mon May 19, 2014 6:04pm EDT.
- Clayton, M. US indicts five in China's secret 'Unit 61398' for cyber-spying. Archived May 20, 2014, at the Wayback Machine Christian Science Monitor, May 19, 2014
- Chinese hacked U.S. military contractors, Senate panel finds Archived March 22, 2018, at the Wayback Machine September 18, 2014 Reuters
- FBI warns U.S. businesses of cyber attacks, blames Beijing Archived March 22, 2018, at the Wayback Machine October 16, 2014 Reuters
- Peterson, Andrea (September 24, 2015). "OPM says 5.6 million fingerprints stolen in the biggest cyber attack in US history. America doesn't have anything together this is why this happened". Independent. Archived from the original on September 15, 2017. Retrieved August 26, 2017.
- Sanders, Sam (June 4, 2015). "Massive Data Breach Puts 4 Million Federal Employees' Records At Risk". NPR. Archived from the original on June 5, 2015. Retrieved April 5, 2018.
- "Hacks of OPM databases compromised 22.1 million people, federal authorities say Archived July 26, 2018, at the Wayback Machine". The Washington Post. July 9, 2015.
- Gordon Lubold and Dustin Volz (March 12, 2019). "Navy, Industry Partners Are 'Under Cyber Siege' by Chinese Hackers, Review Asserts; Hacking threatens U.S.'s standing as world's leading military power, study says". WSJ.com. Archived from the original on March 13, 2019. Retrieved March 14, 2019.CS1 maint: uses authors parameter (link)
- "Archived copy". Archived from the original on February 11, 2020. Retrieved February 10, 2020.CS1 maint: archived copy as title (link)
- "@FBI on Twitter". Archived from the original on August 30, 2020. Retrieved February 11, 2020.
- "China, Caught Meddling in Past Two US Elections, Claims 'Not Interested' in 2020 Vote". Voice of America. April 30, 2020. Archived from the original on May 18, 2020. Retrieved May 17, 2020.
- Greenberg, Andy. "Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry". Archived from the original on August 12, 2020. Retrieved August 12, 2020.
- The Vatican Is Said to Be Hacked From China Before Talks With Beijing (- New York Times)
- Wolf, Jim (November 19, 2010). "Pentagon says "aware" of China Internet rerouting". Reuters. Archived from the original on November 23, 2010. Retrieved November 26, 2010.