The Coming Cyber-War

While we’re refocusing our national security apparatus around counter-insurgency and counter-terrorism, we’re falling dangerously behind the curve on cyber security. Defense Tech’s Kevin Coleman has some details:

China is well known for its global cyber espionage efforts. And while the United States has received most of the media attention given to cyber attacks, we are not the only ones dealing with this issue. India is now pointing the finger at China, claiming they have systematically launched a series of attacks on sensitive information systems and networks of Indian agencies. India rapidly responded and now has cyber-security forces down to the division-level to guard against cyber wars. But is that really enough given China’s stated ambitions?

[…]

China has a significant cyber weapons and intelligence infrastructure in place today. What is alarming is not only do they have the intent, but they have the money. Beijing has the world’s second or third largest defense budget depending on where you look for the numbers. Their military budget has been on the rise at 10 percent or more a year for over a decade. This, as well as the attacks, are evidenced by their cyber operational ability to scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems in the US, Germany, UK and India. In addition, in April 2007, Sami Saydjari, who has worked on cyber defense systems for the Pentagon since the 1980s, told Congress: “The situation is grave, with nation-states such as China developing serious offensive capabilities.”

[…]

From all this information one can only conclude that China has the intent and technological capabilities necessary to carry out a cyber attack anywhere in the world at any time. Nations around the world can no longer ignore the advanced threat that China’s cyber warfare capabilities may have today and the ones they aspire to have in the near future. Just recently Belgian justice minister, Jo Vandeurzen, claimed that attacks against the Belgian Federal Government originated from China and are most likely sanctioned by Beijing. The Belgian minister of foreign affairs, Karel De Gucht, told their parliament that his ministry is the subject of cyber-espionage by Chinese cyber agents. This is just the tip of the iceberg. Spy-Ops believes that an estimated 140 countries will be working on their cyber weapons by the end of 2008 and that in the next five years we will see countries and extremist groups jockeying for cyber supremacy.

Much more at the link.

FILED UNDER: National Security, Science & Technology
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College and a nonresident senior fellow at the Scowcroft Center for Strategy and Security at the Atlantic Council. He's a former Army officer and Desert Storm vet. Views expressed here are his own. Follow James on Twitter @DrJJoyner.

Comments

  1. Bithead says:

    I strongly suggest a read of Simson Garfinkel and Gene Spafford’s book, Web Security, Privacy and Commerce. It’s available online. It’s been a while since I’ve read the thing (Spaff’s an old high-school buddy), but I seem to recall the book remarking how the Falun Gong people had a number of their servers hacked into by Chinese authorities a few years back. Clearly, they’re not above doing the same to anyone else. And had anyone noted that of late the number of virus spam coming from Chinese addresses?

  2. Dave Schuler says:

    Frankly, I think that we should stick to our strengths just as the Chinese are to theirs. A systematic government approach to the problem plays to their strengths, not ours.

    We should put a bounty on bringing Chinese government sites down. It wouldn’t be long before they couldn’t run an electronic calculator for ten minutes before it was breached.

    Then we could negotiate with them to end the cyber-hostilities.

  3. anjin-san says:

    Bush’s Iraq obsession has compromised national security? That’s hardly news…

  4. Wayne says:

    Chinese and Amsterdam IP addresses seem to be the worst offenders. Although some US companies do use some of Amsterdam IPs. Not sure if this is for legal reasons or what. I recall a few years ago a little war between Asian and US Hackers with many suspecting Chinese Hackers being government sponsored.

    Rumors are that the US government has stepped up its efforts but I’m not sure by how much. They were a little too comfortable since they are able to get to most encryption technology and had super computers to crack any that they didn’t have. However low-level attacks don’t rely on someone else’s abilities to crack their codes. It should be a great concern.

  5. Michael says:

    And had anyone noted that of late the number of virus spam coming from Chinese addresses?

    I don’t check IP addresses of spam, because most of today’s spam seems to be coming from zombies, not the spammer’s own computers. Surely Chinese hackers know enough not to hack government agencies from their own computers.

    We should put a bounty on bringing Chinese government sites down. It wouldn’t be long before they couldn’t run an electronic calculator for ten minutes before it was breached.

    And what would be the point in that? Preventing the Chinese from having access to their government via the internet? I’m not sure that’s going to impact anybody in any way, since they don’t really have access to their government in person, let alone online. It’s not like any sane person makes critical infrastructure available from the internet.

    they are able to get to most encryption technology and had super computers to crack any that they didn’t have.

    In any security setup, breaking encryption is very rarely the easiest point of entry. Social engineering has been the hallmark of the world’s greatest hacks, not technological feats.

  6. Bithead says:

    Odd thing; I don’t see Iraq mentioned anywhere in there. You tell ME, Najin; who has the Iraq obsession?

  7. Wayne says:

    Yes it is often easier for a layman to hack a system using social engineering but if one has the means to break encryption at the basic level then it is much faster and easier to do so. For experts they use such things as key stroke and traffic capturing software to break in instead of just making guesses.

    Encryption in US is more heavily regulated than guns. Encryption is actually classified as a weapon. If a company comes up with encryption software or hardware in the US they would have to turn that technology over to the U.S. Government and the government regulates it.
    “There are no limits on what kinds of encryption people can use within the United States. But the government has used export restrictions to try to shape what encryption technology is used internationally, and by extension, what is available in the United States. Those export laws prohibit U.S. companies from selling their best technology overseas.”
    http://www.washingtonpost.com/wp-srv/politics/special/encryption/stories/cr022596.htm

  8. Michael says:

    Encryption in US is more heavily regulated than guns. Encryption is actually classified as a weapon. If a company comes up with encryption software or hardware in the US they would have to turn that technology over to the U.S. Government and the government regulates it.

    Yes, but if it’s open-source you can make it available to anybody on the internet.

  9. Todd says:

    The risk of cyber warfare is real and the likelihood of a major incident is increasing. I was at a presentation by Kevin Coleman, he is one of the top cyber warfare subject matter experts in the US and he showed the data about current threats and forecasted the most likely scenarios of attacks. We are way behind and can’t rely on the government to do everything.