jakobohlsson.tumblr.com

China’s online warfare may lead to IRL/AFK-war.

[I wrote this for kicks a couple of days ago after reading some Chinese news stories about online warfare, I was going to pitch it for a newspaper or magazine but I sort of forgot about it, and now it’s already semi-old news. Anyway. Hope you enjoy]

China’s People’s Liberation Army recently announced that they will be forming an online army in order to ensure their national interest and online security. The news are released the same week as a massive phising attempt aimed at prominent Gmail users such as American government officials, journalists, military personnel, etcetera. The hacking attempt prompted a hawkish “leak” from Pentagon’s first official cyber strategy, expected to be release next month, and whose main point is that a cyber attack now could be considered as an act of war, and lead to a response with traditional weapons.  And even though the press release for the new Chinese “Cyber Team Blue” was sent out in late May 2011, there are stacks of evidence that points towards that chinese cyber
commandos has been operational, and vigilant, for many years already.

The american counterpart of the Chinese cyber army is called “The US cyber command” and was formed in 2009, partly as a response to a series of hacker attacks, including one directed to the American electrical grid that left software behind that could be used to disrupt or shut down the grid. The attack allegedly originated from China, who at this point officially did not have any active cyber divisions and denied all knowledge, a spokesperson for the Chinese embassy was quoted saying that these allegations were merely a result of “some people overseas with Cold War mentality, fabricating the sheer lies of the so-called cyberspies in China”.

Cold war or no cold war, the list of cyber attacks originating from China aimed against the US, grows longer for every year. One of the most serious attacks was revealed in 2009 when the Canadian research group InfoWar discovered GhostNet, a cyber espionage ring that penetrated more than 1200 computers in over 100 countries, targeting foreign embassies, NGOs, foreign ministries and media organizations. Perhaps unsurprisingly, almost all of the Tibet-related organizations were also targeted. The attackers used Chinese malware software and originated from Beijing, but as it often is in these cases, no proof could be found that this was ordered from the Chinese central government.

Although the Chinese cyberwar edge primarily seems to be directed to US and Chinese dissidents, they attacks have not been limited to these targets. In 2011 Australia’s PM Julia Gillard’s computer was targeted by a cyber attacked traced back to China, which may have given the Chinese hackers direct access to the top Australian leaderships private e-mail conversations, causing deep concerns that Australia is lagging behind in the online arms race.

What is a “Cyber War”?
In spite of it’s increasing recurrence, there is still no clear definition of what constitutes a “cyber war” or a “cyber attack”, and more importantly, there are no conventions regarding how serious a cyber attack from foreign intelligence should be regarded. Or as American security guru Bruce Schneier puts it “we don’t have good definitions of what cyber war is, what it looks like and how to fight it”.

This week we may, however, have gotten closer to a definition on how the response to cyber attacks will be in the future. As a Pentagon official talked to the Wall Street Journal this week. Not only did he use the infamous power grid-example from 2009, signaling that this action was in no way forgotten by the US military, but it was also clear that this action could now, in the eyes of the Pentagon, be percieved as an act of war. Or as he himself put it: “if you shut down our power grid, maybe we will put a missile down one of your smokestacks”.

This statement seems to have been taken very seriously by Beijing. State-controlled Xinhua news agency published critical comments by Li Shuisheng, a researcher related to the top military-science academy of the PLA. Mr. Li said that the strategy is “a step towards strengthening american global hegemony”. On Wednesday the state owned CCP-organ “Global Times” published an article with the headline “can an online war be avoided?” that went through the Chinese stance in this question, stating the news that China will be forming an online army, and quoting army officials saying categorically that “all of China’s national defense measures are self-defense in nature”.

No hard proof against China
Although there is still no apparent evidence that the Chinese government is ordering any of the attacks against US or US allies, it is an undeniable fact that China has the most sophisticated internet filtering system in the world, with micro-management of all of the Chinese social networks, and even a pool of people hired to write positive comments about the Chinese government online. Which leaves one wondering, is it even possible that these attacks could be carried out without government approval? The Chinese defence ministry was quoted this week saying that and that “the online blue army is not a hacking army”, but the question is why China would even bother to form an hacking army. The current set up has proven to be a win-win situation for the Chinese, the many small groups who hack into American cyberspace still hasn’t generated one case when the CIA or Pentagon has proven a connection between this hackers and the Chinese government.

The last weeks chain of events could however be the end of the time when “anonymous” Chinese hackers could penetrate US systems without retribution. And the forming of the “Cyber Team Blue” could be a step in the right direction, as the Chinese cyber army is formalized and put under a clear authority that can be held responsible for it’s actions. It is, however, still highly unlikely that the Pentagon will realize their threat to respond to cyber warfare with conventional weapons. In a world were a military action’s PR strategy is as important as it’s military counterpart, it’s hard to see how conventional warfare could be seen as a legitimate response to a cyber attack. As for now the online status quo still reigns.