This article looks beyond our borders at potential targeting by foreign nations. When a nation seeks to limit or degrade our national computer infrastructure or to conduct commercial or national espionage, it is in fact a homeland security issue.
China seeks information dominance, ultimately leading to global control. Referring to Chinese cyberspace efforts, Lt. Gen. Robert Elder, Commander of Air Force Cyberspace Command at Barksdale AFB, said, “They're interested in doing this in a way that they can be dominant without even having a fight.”
This mindset is consistent with the Chinese strategist Sun Tzu, who said, “The supreme art of war is to subdue the enemy without fighting.” Using the “conquer without a fight” strategy, China uses many avenues of attack to draw closer to its prize. While it uses a variety of methodologies, those covered in this article include computer system attacks, national and corporate espionage, and the exploitation of Intellectual Property (IP) through reverse engineering or outright counterfeiting. This article will attempt to discuss these issues separately, yet there is no clear demarcation line between them. While they are separate issues, each works together with the others.
China as a Conventional Fighting Force
Before addressing the methodologies noted above, it is important to look at the Chinese fighting force. The focus of this section is not upon the Chinese People’s Liberation Army (PLA) departments (Army, Navy, Air Force), but rather their challenges and how they are driven closer to asymmetrical warfare rather than a conventional fight. The size and logistical task of supporting the Chinese military hampers success. With a population of over 1.3 billion, approximately 609 million are listed as being fit for military service. Training, feeding, equipping and transporting such a large force becomes unmanageable during a conventional war scenario. Unless China is faced with protecting border regions or the perceived mass of forces transiting across the straits to Taiwan, an invasion or overthrow of foreign governments is unlikely unless asymmetric tactics are used.
Even so, when China attacked Viet Nam in 1979 with a mass of 400,000 troops, they faced logistical difficulties and could not retain control of the region. After a month, they eventually retreated and, in an effort to “save face,” later claimed victory. In both 2005 and 2007, China participated in the “Peace Mission” exercises through the Shanghai Cooperative Organization (SCO). The multi-national response cooperative is comprised of troops from Russia, China, Kazakhstan, Kyrgyzstan, Tajikistan and Uzbekistan. As China prepared to transport 1,600 troops to Russia for the exercise, the event was reported via multiple open sources well before the first aircraft departed. With today’s information networks, the long-range movement of troops rarely goes unnoticed.
Even so, China’s thirst for global domination continues in spite of lessons learned from recent conflicts and exercises. As this article will show, while China takes many small steps forward, they do so with the intent of quietly gaining control of resources, regions and global information systems. Following the tenet of Sun Tzu, “Opportunities multiply as they are seized,” the Chinese are following a patient long-term strategy.
Chinese Culture, Long-Term Strategy and an American View
The Chinese set long-term goals and build upon strategies that over time will yield the intended results. Because their focus is measured in years or decades, rather than days or months, China can readjust as necessary, sometimes without an adversary recognizing the change. In American culture, those contributing to a project or mission often hope to see the fruits of their labor. Because the Chinese strategy is extended over a long period, personnel recognize the importance of working toward a national goal. If by chance they get to partake and see the results, it is seen as a great honor to be a part of national history.
Within American culture, the Chinese long-term concept is often difficult to grasp since, comparatively, the U.S. has a shorter history. Even so, America has become a dominant leader in technology, military might, natural resource exploitation and agricultural expertise. A culture with a longer history may feel they own a right to claim these successes as theirs. With the exception of the Afghanistan and Iraq wars, Americans have become used to fast success. Such a concept of short timelines to victory is, in a sense, a key to our own vulnerability.
As China slowly carries out their strategic plan, observers often fail to see indicators of movement. Measured action by China is often seen as inaction until milestones are achieved, represented by a new weapons test, a significant intrusion into U.S. data systems, regional occupation or new Chinese access to valuable natural resources. In recent years, China has been reaching a variety of successes, catching the attention of both U.S. and allied leaders. Such milestones may be indicators that the Chinese strategy is nearly complete.
Computer Data System Attacks
For years, computer attacks against military, government agencies and corporate and educational institutions originated from China. Evidence shows the objective is dual-faceted, intended for espionage and degradation of U.S. military operational capabilities. According to Dr. Andrew Palowitch during a presentation at Georgetown University in 2007, the Department of Homeland Security received 37,000 reports of computer attacks, including nearly 13,000 against federal agencies and over 80,000 against Department of Defense (DoD) computers.
While Dr. Palowitch does not categorize the originators of the attacks, the 2007 Security Threat Report by Sophos PLC describes how China is the leading originator of computer malware throughout the globe. According to the report, in June 2006, China held 35% of global malware, behind the U.S. The following year, China supplanted the U.S. in computer malware by increasing to 53.9% throughout the globe and retaining the leading position.
In November 2007, there were over 1,100 attempts to send phishing emails to employees of the Oak Ridge National Laboratory in Tennessee. Seven separate emails were sent to valid email addresses of personnel working within the center. The emails were intended to gain access to employee files. Eleven individuals opened the emails, allowing the infiltration and removal of data. The computer attacks are believed to have originated in China. Given this type of attack with spoof emails, during an asymmetric warfare scenario when attending to multiple threats simultaneously, how would a person distinguish real emails from those loaded with disinformation?
The price of admission for a computer attacker is cheap. As we will see in the pages ahead, rather than recruit, train and emplace humans as a sole source for intelligence collection, attacks via computer networks allow anonymity and the chance to strike another day.
Counterfeit Electronic Parts
Government contractors that supply our nation with weapons, aircraft, data and a variety of communication systems seek the best prices for their parts. While some quality control takes place, the intent is profit. Many of the leading microchip suppliers are in China. Realistically, with the thousands of electronic components arriving in the U.S. each day from China, it often becomes economically unreasonable to check each part. In 2005, U.S. military equipment failures were traced back to faulty Chinese electronic components. Many of these parts were extracted in back alleys in China from scrap electronics.
Since 2004, China sold the U.S. military over 400 counterfeit data routers. According to Melissa Hathaway, the cyber security chief for the Office of the Director of National Intelligence (ODNI), "Counterfeit products have been linked to the crash of mission-critical networks, and may also contain hidden 'back doors' enabling network security to be bypassed and sensitive data accessed by hackers, thieves, and spies."
On the morning of September 5, 2007, a Booz Allen Hamilton (BAH) executive received an email from the Pentagon. BAH is a government weapons contractor and it is common to send communications back and forth from the Pentagon or other military facilities. The email addressed a list of specific weapons systems the Indian government was interested in purchasing.
Unfortunately, the email was a counterfeit, originating from the Chinese domain “cybersyndrome.3322.org.” Within the email was an attachment with an embedded code referred to as “Poison Ivy.” If the BAH exec had opened it, the company’s $4 billion computer system would have become vulnerable and sensitive data could have been downloaded to foreign computers.
The BAH incident and the Oak Ridge case noted earlier both indicate serious counterintelligence issues. The spoof emails indicate that ongoing intrusions or possible open source research was used to identify personnel within the system. The Chinese gained access to their emails, names and positions. When the identities of personnel working near sensitive information are obtained by foreign intelligence services, the door is opened to targeting and recruitment.
The U.S. is not a lone victim of computer espionage by China. In 2007, Jonathan Evans, Director-General of the British MI5, sent a confidential letter to 300 Chief Executives of British corporations, banks and legal firms. In the letter, Evans stated that they are “under attack by Chinese state organizations.” The computer network of Rolls-Royce was infected with a Trojan horse that sent large quantities of the company’s industrial information to Chinese servers.
In August 2007, several computers within German Chancellor Angela Merkel’s office were infected with Trojan horse programs. Additionally, several government ministries including the Foreign Ministry, Ministry of Economics and the Research and Development Ministry were infected with the spyware. German security officials discovered the attacks originated from China. During one attempt, German computer security experts prevented the transfer of a 160-Gigabyte file to China.
In 1985, Larry Wu-Tai Chin was arrested for being a spy for the People’s Republic of China (PRC). Chin was born in Peking and later recruited by Chinese intelligence to become embedded within the U.S. Intelligence Community (IC). Initially working for the U.S. Army Liaison Office in China, he later landed a position with the CIA. He served as an agent for the PRC over a period of 33 years before retiring in 1981 from the CIA’s Foreign Broadcast Information Service. After being convicted on all counts, Chin committed suicide in his cell.
In September 2007, two San Francisco Bay area men, Lan Lee and Yuefi Ge were arrested for attempting to sell Intellectual Property (IP) related to microchip design. Additionally, they sought funding from China’s 863 program, a PRC operation known as the High Technology Research Development Program. Mark H. Miller, President of Crimson Life Services Division describes the 863 program as a threat to Intellectual Property. Miller says, “Medical device manufacturers need to exercise extreme caution when transferring proprietary technology or processes to overseas partners, since foreign governments are often active sponsors of IP theft.”
In November 2008, a Chinese physicist and Hampton Roads resident, Quan-Shen Shu, was arrested. Shu admitted to transferring information related to liquid hydrogen rockets to China via a French company. Ironically, two years prior to his arrest, the FBI warned him that selling space technology to China was illegal; he did it anyway.
This article shows that while China has a large military force, logistically, unless used in a defensive posture during a conventional war scenario, supporting such a large contingent of personnel becomes a hindrance. As shown earlier, such logistical challenges proved true during the war with Viet Nam. With today’s technology and prolific open source reporting, the movement of troops is quickly noticed, allowing the adversary to take preparatory action. Following the ideology of Sun Tzu of subduing the enemy without fighting, China has pursued a long-term approach of asymmetrical warfare.
The cultural mindset of the Chinese long-term approach in comparison to the expectation of faster results by the U.S. places China at an advantage. As this article shows, China has launched a campaign using "technology to defeat technology" and degrade critical systems through data attacks or via counterfeit components. With each coordinated computer attack, China identifies vulnerabilities and maps the reactions for future assaults. For stand-alone weapon systems and aircraft, China has supplied the market with counterfeit microchips that may fail, placing critical systems in jeopardy.
Through a variety of tactics, China has an ongoing human and electronic espionage campaign against world governments and technology industries, intending to gain intelligence or intellectual property. Many computer attacks are conducted via unprotected systems; in effect, these systems are unwitting hosts.
Conducting electronic counterstrikes could attack innocent parties or allies. It is vital, therefore, to isolate specific originating points of Chinese data attacks and then implement opposing action against these nodes. Given today’s data environment, China is on a path of mapping and ultimately controlling the data systems of the world to obtain information dominance. Without proactive countermeasures, China’s ongoing march to global control places our nation’s homeland security posture at risk.
As always, Mr Davis, your articles are informative, interesting, and provocative. Other dynamics which should be explored are unfair balances of trade (which have caused the loss of tens of thousands of American jobs) and the widespread problem of corrupt companies ... sending inferior, counterfeit, and dangerous products into our economy.
My personal philosophy is to not buy anything "Made in China". Why support any regime whose ultimate goal is to destroy democracy?
Well Done. We have been at war with China since 1949. It's amazing how many people haven't noticed. The bad news is that by the time China finally wins they won't want anything to do with what's left of what used to be America.