Did China Tip Cyber War Hand?
Image Credit: Tom Thai

Did China Tip Cyber War Hand?

0 Likes
14 comments

Amid growing US concerns over ongoing Chinese cyber attacks, attribution remains the most complex issue. At the open source level at least, it has been hard to find a ‘smoking cursor.’ That is, until the broadcast of a recent cyber warfare programme on the military channel of China’s state TV network.

The programme appeared to show dated computer screenshots of a Chinese military institute conducting a rudimentary type of cyber attack against a US-based dissident entity. However modest, ambiguous—and, from China’s perspective, defensive—this is possibly the first direct piece of visual evidence from an official Chinese government source to undermine Beijing’s official claims that it never engages in overseas hacking of any kind for government purposes. Clearly, Washington and Beijing have much to discuss candidly here if they are to avoid dangerous strategic tension.

China Central Television 7 (CCTV-7) is China’s official channel for military and agricultural issues. As part of its wide-ranging coverage, every Saturday it runs a 20-minute programme called ‘Military Science and Technology.’ It’s always worth watching, given the range of timely topics covered and the detailed analyses offered by Chinese specialists. The July 16 edition was particularly so.

Entitled ‘The Internet Storm is Coming’ (网络风暴来了), it begins with a broad discussion of cyber attacks. It showcases a statement by then-US Defense Secretary Robert Gates at the Shangri-La Dialogue in Singapore in June. This important international conference was also attended by Gates’ Chinese counterpart Gen. Liang Guanglie. Emphasizing that the United States was extremely concerned about the cyber attacks that it was continually suffering from, Gates suggested that some attacks could rise to the level of an act of war and prompt the United States to respond with force.

Chinese Military expert Du Wenlong then highlights President Barack Obama’s May 2009 remarks in which he emphasized the importance of securing the nation’s digital infrastructure and declared it a strategic national asset. Du explains that Washington would regard some types of cyber attacks as acts of war because modern military operations rely heavily on digital networks and cyberspace: ‘networks have become the basis for military action and for winning a war.’ Du appears to be well acquainted with his subject matter, and provides cogent explanations of complex cyber issues.

But here is where the programme deviated from its typical theoretical coverage of broad military trends for six seconds to offer an unusually-specific Chinese example. An initial screen was labelled ‘Vulnerability Report’ in large letters; a narrator intones that ‘there are many Internet attack methods.’

As the narrator discusses a means of implementing hard and soft cyber/network attacks, footage displays what appears to be a human-operated cursor using a software application with Chinese character labelling to launch a ‘distributed denial-of-service’ (DDOS) attack.

This particular DDOS is against a website formerly affiliated with the dissident religious group Falun Gong. Under large characters reading ‘Select Attack Target,’ the screenshot shows ‘Falun Gong in North America’ being chosen. Here it must be emphasized that DDOS attacks are generally extremely rudimentary. As will be explained later, if the footage in question was real, it’s likely a decade old.

Drawing on a ‘Falun Gong website list’ encoded in the software, the cursor selects the ‘Minghui Website’ from a pull-down menu of Falun Gong websites. Minghui.org is the main website of Falun Gong’s spiritual practice, and hence a logical target.

Hovering over a software window labelled ‘IP Address of a Website Chosen to Attack,’ the cursor selects the IP address 138.26.72.17. This was once linked to the University of Alabama in Birmingham. According to the Falun Gong-supporter-founded Epoch Times, a UAB network administrator ‘recalled that there had been a Falun Gong practitioner at the university some years ago who held informal Falun Gong meetings on campus. They couldn’t confirm whether that individual used the IP address in question, and said it had not been used since 2010.’ PC World added that the site was created ‘by “a former student and was decommissioned in 2001 as it violated our acceptable use policy,” according to Kevin Storr, a UAB spokesman.’

During this sequence, some interesting characters remained at the top of the screen: ‘Attack system…PLA Electronic Engineering Institute.’

The programme then returns to general cyber attack themes.

As this research note went to press, the programme footage remained readily visible and viewable on the CCTV website.

Comments
14

[...] cyber attacks from China are considered a very serious problem by at least half of the experts surveyed. Retired military [...]

Michael
September 5, 2011 at 17:28

A simpler possibility: China’s proverbial left hand doesn’t know what the right hand is doing. If so, the negotiations Gates suggested may need to wait until the government or party branch in charge of the hacking program can be identified. That, or negotiate with the usual channels and hope they can reign it in . . .

Leonard R.
August 29, 2011 at 14:06

John Chan is a master of the English language. His fiction is noteworthy also.

Well done J.C. You ought to be teaching English to the other 5 RMB’ers here.
And you could give us all a few tips on creative writing.

Of course he’s right. The PRC is only trying to help the US military with its cyber-attacks.
Every attempted hacking is only done with the purest of intentions.

After all, they are friends of America. Hu Jintao was kind enough to give the US a ‘reset’.
Americans should be grateful for every PRC cyber attack.
It only has America’s best interests at heart.

ozivan
August 28, 2011 at 01:39

@a_canadian_observer. The issue is china has no gut to admit their wrongdoings.

The US & UK have never admitted their wrongdoings in invading Iraq based on false intelligence on WMD. It’s the press that highlighted the mistake, but both US & UK have never come out officially to admit or apologise for the error.

Sinodefender
August 27, 2011 at 13:41

Then prove to me that the CCP are behind all the hackings originating in China… Using a simulation does not mean China would go to war, had you every heard of America’s Army its a simulation not unlike China’s current one are terrorists.

Sinodefender
August 27, 2011 at 13:32

I don’t think a single country admits they hack and steal sensitive information. Chinese are just following the Art of War,just like other countries…

Leonard R.
August 27, 2011 at 13:22

The bombing of the Chinese embassy was a terrible thing.
The US should apologize if it didn’t & pay compensation.

I would like to think the US knew what it was doing.
But everything I know tells me it was sheer incompetence.

The CCP has its episodes of incompetence. Incompetence is a proud tradition with the United States Government.

The US should be training its soldiers with video games showing the PLA.
I agree with Yang Zi. That will help put things on the right track.

John Chan
August 27, 2011 at 13:17

When a nut US colonel gives an unauthorized order to attack China because of his problem with his female companion; but his order is intercepted by PLA hackers who stop the order and alert the Pentagon. So a world size crisis is averted and a cancer in the USA security system is discovered and removed. China’s unsound heroes save the beacon for the USA again.

Actually the scenario might happen, would the American be glad that PLA always be there to backstop for the USA? Does everybody still think PLA’s hacking US Military systems a bad thing?

a_canadian_observer
August 26, 2011 at 22:08

@yangzi: I think we’re talking about cyber attack/hacking. A lot of countries other than china do that for various reasons. For china, it’s all about stealing from technologies to secrets. The issue is china has no gut to admit their wrongdoings.

yang zi
August 26, 2011 at 18:43

if you want to train, you want to train against the best. US soldiers should be proud to be featured in the game.

Leonard, I suspect you served in west pacific, you should know US colonels always planning to attack China, US soldiers frequently exercise using China as the enemy.

how about the bombing of Chinese embassy in former Yugoslavia? is that offensive enough? do you expect the game writers in China to pretend it never happened?

the hostilities exist on both sides, US is the initiator in my view.

Leonard R.
August 26, 2011 at 17:12

Here is the CNN story. It’s from May, 2011. PLA gamers train to shoot American soldiers in uniform.

http://newsstream.blogs.cnn.com/2011/05/21/chinese-pc-game-takes-aim-at-american-soldiers/

Make a note. Eventually this stuff starts to add up.

a_canadian_observer
August 26, 2011 at 10:55

@Leonard R.: Agreed! As I stated in another blog, It’s hard to believe the chinese government has nothing to do with the hacking. It’s the CCP mouthpieces that tried to deny the fact. I bet you they will be quiet here.

Leonard R.
August 26, 2011 at 10:45

The Pentagon & Sec. Gates this year took the long overdue step of declaring cyber-attacks to be ‘acts of war’. This is reasonable and appropriate. Hu Jinao has waged war and disrespected the US since he took over.

The new leader has a chance to reduce tension. But I don’t think he can. Even if he is not an America-hater, as he appears to be, the PRC command and control system is deeply suspect. All evidence indicates that the standing committee does not have a leash on regional PLA Generals – or even Lieutenant Colonels (who feel free to pop off in the NY Times).

Something other readers need to know the PLA has a training video game where it’s soldiers fire at images on-screen of troops wearing US uniforms.

Jinping wants to be ‘friends’ eh? He’s got a lot of work to do.

yang zi
August 26, 2011 at 01:51

it is easily explainable.

China outlaws hacking by citizens, but does have cyber warfare capabilities.attacks on Falungong websites is indeed by some government elements.

Share your thoughts

Your Name
required
Your Email
required, but not published
Your Comment
required

Newsletter
Sign up for our weekly newsletter
The Diplomat Brief