China: No. 1 Cyber Threat

Chinese state-run cyber attacks pose most significant global cyber threat, congressional report says

• November 15, 2012 5:00 am


China’s government carried out numerous cyber attacks against United States government and private sector computers this year and has emerged as the most significant threat in cyberspace, according to a congressional commission report made public Wednesday.

"In 2012, Chinese state-sponsored actors continued to exploit government, military, industrial, and nongovernmental computer systems," the report by the U.S.-China Economic and Security Review Commission said. "Any individual penetration remains difficult to attribute, but security researchers are increasingly able to group exploitations into campaigns based on common features and gain better insight into those responsible."

The report said Chinese cyber attack capabilities "are improving significantly."

"Irrespective of sophistication, the volume of exploitation attempts yielded enough successful breaches to make China the most threatening actor in cyberspace," the report said.

The report identified Chinese military and intelligence organizations as the most sophisticated players in the cyber warfare efforts along with quasi-official cyber militias and other organized cyber attackers such as Chinese state-run information technology and telecommunications firms.

Cyber espionage is carried out mainly by Chinese intelligence organs.

The commission also warned that U.S. industrial supply chains remain vulnerable to Chinese government hacking.

"Many components of defense systems and telecommunications infrastructure are manufactured in China or sourced from Chinese entities," the report said. "This yields active problems with counterfeit and substandard components and raises the potential for the introduction into critical systems of intentionally subverted components."

One new trend for Chinese cyber attacks is the shift from traditional activities to "increasingly advanced types of operations or operations against specialized targets."

The advanced attack methods include defeating secure authentication, breaking into networks, and "bridging air gaps" used to protect the most sensitive classified government information or proprietary corporate data.

News reports from Asia revealed that China used flash drives and other removable media to cross air-gap protected computers at India’s Eastern Naval Command.

Advanced Chinese attack methods also seek to penetrate deployed military systems including missiles, aircraft, ships, and spacecraft.

Chinese hackers also "have successfully penetrated cloud systems" and have compromised mobile communications devices such as smart phones, the report said.

The report also said the U.S. Army Cyber Directorate in January 2007 discovered "beaconing activity" from a Chinese-owned Lenovo desktop computer. The activity was described as a "self-initiating attempt to establish" a connection to the computer.

China also has been linked to malicious software planted in Chinese computers and a digital picture frame.

The report concluded that China’s growing cyber warfare capabilities "jeopardize U.S. national security, steal intellectual property, and collect economic, financial, and other data."

"While most of the intrusions to date against government and military systems appear oriented toward collecting intelligence rather than launching attacks, each objective requires the same sort of accesses," the report said. "One of the hallmarks of Chinese intrusions is the level of effort the operators expend to maintain access to compromised systems. With little notice, a compromise could switch to become disruptive or destructive in nature."

The report also noted Chinese spear phishing of the White House Military Office, an attack first disclosed by the Free Beacon.

The report said the Military Office "contributes to presidential communications, travel, and a variety of other sensitive functions."

In Beijing, a Chinese Foreign Ministry spokesman criticized the commission report.

"This commission always sticks to the Cold War mentality," Hong Lei told reporters, according to the state-run Xinhua news agency.

Hong said the report’s assertions about Chinese cyber attacks are "groundless."

"China has stated on many occasions that it firmly opposes cyber attacks of any form and has made laws to ban it," Hong said, adding that China also falls victim to hacking.

The report said China is building up its nuclear forces and is "on the cusp" of deploying a credible triad of nuclear attack capabilities that includes ground-based long-range missiles, missile-firing submarines, and air-dropped nuclear bombs.

China also has become more aggressive in asserting overly broad territorial claims to areas of the South China and East China Seas.

The commission warned that the gap between the growing military capabilities of China and those of Taiwan continued to widen.

The Chinese also are seeking to control global resources to fuel its economic modernization.

Published under: China, Cyber Security