79) China and cyberwar: a serious foe, according the Americans

China proves to be an aggressive foe in cyberspace
By Ellen Nakashima and John Pomfret
The Washington Post, Wednesday, November 11, 2009

One day in late summer 2008, FBI and Secret Service agents flew to Chicago to inform Barack Obama's campaign team that its computer system had been hacked. "You've got a problem. Somebody's trying to get inside your systems," an FBI agent told the team, according to a source familiar with the incident.

The McCain campaign was hit with a similar attack.

The trail in both cases led to computers in China, said several sources inside and outside government with knowledge of the incidents. In the McCain case, Chinese officials later approached staff members about information that had appeared only in restricted e-mails, according to a person close to the campaign.

American presidential campaigns are not the only targets. China is significantly boosting its capabilities in cyberspace as a way to gather intelligence and, in the event of war, hit the U.S. government in a weak spot, U.S. officials and experts say. Outgunned and outspent in terms of traditional military hardware, China apparently hopes that by concentrating on holes in the U.S. security architecture -- its communications and spy satellites and its vast computer networks -- it will collect intelligence that could help it counter the imbalance.

President Obama, who is scheduled to visit China next week, has vowed to improve ties with the Asian giant, especially its military. But according to current and former U.S. officials, China's aggressive hacking has sowed doubts about its intentions.

"This is the way they plan to thwart U.S. supremacy in any potential conflict we get into with them," said Robert K. Knake, a Council on Foreign Relations fellow. "They believe they can deter us through cyber warfare."

Chinese officials deny that and dismiss American concern as a Cold War relic.

"Allegations that China is behind, or 'likely behind,' cyberattacks or cyber espionage against the United States are more frequent and more sensational," said Wang Baodong, the spokesman at the Chinese Embassy in Washington. "Such accusations are unwarranted, irresponsible and misleading and are intentionally fabricated to fan up China threat sensations."

With 360 million people online in China, Wang added, "China is more than ever integrated with and reliant on the Internet. As the U.S. serves as the hub of the international information highway, attacking the U.S. in cyberspace equals attacking one's own cyberspace assets. . . . What's the logic?"

Nonetheless, U.S. officials and experts of all political persuasions in the Pentagon, on Capitol Hill, in private industry and in think tanks are convinced that China is behind many of the most egregious attacks. A senior Air Force official estimated that, as of two years ago, China has stolen at least 10 to 20 terabytes of data from U.S. government networks -- the larger figure equal, by some estimates, to one-fifth of the Library of Congress's digital holdings.

Nuclear weapons labs, defense contractors, the State Department and other sensitive federal government agencies have fallen prey. What experts do not know is exactly what has been stolen or how badly U.S. systems have been exposed. "Given the intrusions into defense industry networks, multibillion-dollar weapons systems . . . may have already been compromised," said James Mulvenon, a China expert with Defense Group Inc.

Experts point to the late 1990s as the start of this undeclared war. Since then, cyber intrusions have run the gamut, including stealing files on political dissidents from the offices of Rep. Frank R. Wolf (R-Va.) in 2006, disrupting the e-mail network of the defense secretary's office in 2007 and staging a spyware attack on electronic devices used by then-Commerce Secretary Carlos M. Gutierrez and his delegation on a December 2007 trip to Beijing.

Wolf said that the offices of 17 House members have been targeted. "Not a week doesn't go by when there's not a Chinese attack on our government," he said.

One day last spring, Capitol Hill security officials removed two computers from a congressional office that deals with foreign affairs. "There's a bug in your computer," one agent told an astonished staffer. "From China."

Director of National Intelligence Dennis C. Blair said in February that Russia and China were able to "to target and disrupt elements of the U.S. information infrastructure" and that China was "very aggressive" in cyberspace.

Another problem is China's ability to leave behind malicious sleeper code that can one day be activated to alter or destroy information. In April, then-National Counterintelligence Executive Joel F. Brenner reported that the Chinese had penetrated "certain of our electricity grids" with malicious code and that "our networks are being mapped"

One challenge in countering the threat, experts say, is that the Chinese often contract out such work to experts in industry and academia and possibly even to freelance hackers, allowing officials to argue that while an attack might have originated from an Internet service provider in China, no one could prove it came from the government.

The Chinese People's Liberation Army has publicly embraced such outsourcing. In 2002, the PLA created information warfare units, comprising operators and analysts from the commercial sector and academia, according to a new reportby defense contractor Northrop Grumman for the U.S.-China Economic and Security Review Commission, a congressionally chartered body.

A year later, China's Academy of Military Sciences published an account of a trial project in the Guangzhou Military Region to establish information-warfare militia units using local telecommunications companies as a source of talent, funding and technology. Subsequently, the academy directed the PLA to make creation of such units a priority.

"Information warfare is not just a theology," said Ming Zhou, a China specialist with VeriSign iDefense, a security intelligence firm. "They can integrate it into nation-state interests."

Some U.S. cyber policy experts such as James A. Lewis, a senior fellow with the Center for Strategic and International Studies, acknowledge that the problem cannot be solved without international engagement. At the same time, Lewis said, "I'm not going to get upset about China spying on us, because we spy on them."

"The only thing I'm going to get upset about," he said, "is if we don't do better than them."