Electronic Weapons: China Attacks, No One Notices

Archives

January 23, 2006: There's a Cyber War going on between China and the rest of the world. The problem is, there's enough proof to know that China is behind an increasing number of Internet based attacks, but not enough to call China out on it. It began about five years ago, with an increasing number of very well executed Internet attacks that appeared to be coming from China. At first, it was thought to be adventurous computer science students, or criminals out to steal something they could sell. Then, in 2003, came the "Titan Rain" incident. This was a massive and well organized attack on American military networks. The people carrying out the attack really knew what they were doing, and thousands of military and industrial documents were sent back to China. The attackers were not able to cover their trail completely, and some of the attackers were traced back to a Chinese government facility in southern China. The Chinese government denied all, and the vast amounts of technical data American researchers had as proof was not considered compelling enough for the event to be turned into a major media or diplomatic event.

In the wake of Titan Rain, governments around the world began to improve their Internet security. But not enough. The attacks kept coming. Out of China. And the attackers were getting better. In 2005, a well organized attack was made on the networks of the British parliament. This time, the defense won the round. Mostly. The carefully prepared emails (with virus attached), would have fooled many recipients, because they were personalized, but not the network defenses detected the true nature of these messages.

But many other attacks are only discovered when they are over, or nearly so. The attackers are very well prepared, and usually first make probes and trial run attacks on target systems. When the attackers come in force, they don't want to be interrupted. And usually they aren't. The Chinese attackers use techniques similar to those employed by criminal gangs trying to get into banks, brokerages and big businesses in general. Thus it is believed that the Chinese hackers try, as much as possible, to appear like just another gang of cyber criminals. But the Chinese have certain traits that appear more military than gangster.

The Chinese cyber army keeps getting better, and that includes covering their tracks. It may take a defector or three to make it definite that China is waging a stealthy war over the Internet. Meanwhile, the Chinese reap enormous economic benefits from their raids on economic and technical secrets in the West.