When the presidents of the world’s remaining superpower and the nation fast challenging for the title, George Bush, of the United States, and Hu Jintao, of China, meet in Sydney, Australia, Thursday they had been scheduled to be talking about matters of mutual interest: trade and global warming.
Now, even if not on the formal agenda, both sides are likely to be considering the prickly issue of cyber warfare, following the revelation that the Pentagon suffered a major breach by hackers reportedly working for the Chinese military earlier this year.
Disclosure by the Financial Times that the People’s Liberation Army, or PLA, assaulted part of the Pentagon’s system used by policy advisers to Defense Secretary Robert Gates is the latest and potentially most serious breach, and set alarm bells ringing across the U.S. military.
The Pentagon reportedly resisted the PLA onslaught for several months, but was finally penetrated, forcing a shutdown of that part of its network for a week. A spokesman would not comment on the assault or its source, but emphasized that any information obtained would have been unclassified. The timing of the attack, and the apparent involvement of the PLA, points to an escalation of anxiety in governments across the world.
Cyber warfare began with individuals, spread to criminal gangs, and is now reaching the realm of nation states.
The Chinese government denied the allegations but, Thursday’s presidential meeting aside, Beijing is already on the defensive over its cyber activities. Last week Angela Merkel raised the issue of cyber warfare on an official visit to China, exhorting the government to “respect a set of game rules”.
The German chancellor’s objections followed a report in Der Spiegel magazine that Chinese spying software had been found widely scattered through the networks of Germany’s foreign and economic departments, and even in Mrs. Merkel’s private office.
Internet security experts have been tracking Chinese cyber warfare for several years. In 2005, U.S. officials revealed that sweeps of U.S. intelligence, including flight software and aircraft plans, had been going on since 2003. The hackers, codenamed Titan Rain by U.S. investigators, were believed to be in Guangdong, a province of China with a heavy concentration of PLA which was also identified by Der Spiegel as the origin of the invasion of German government networks.
Last November, the U.S. Navy reported a military computer had been attacked, probably by Chinese, though it was unclear whether the hackers were commercial or state-inspired. In July, the State Separtment was reportedly investigating a break-in affecting its work across the world; it was suggested hackers had targeted anything relating to China and North Korea, though it is possible that criminal, as opposed to political or military, hackers were using that as a front to disguise their intentions.
The threat of state-sponsored hacking is dominating the thoughts of security officials around the world. Some suggest as many as 120 countries are actively pursuing cyber warfare. China has spelled out in a white paper that what it calls “informationized armed forces” are one of the three pillars of its military strategy, setting itself the target building a cyber army which could win such a war by 2050.
The extent of cyber warfare was underlined earlier this year when the Guardian revealed that Estonia had been almost overwhelmed by an attack believed to have originated inside Russia which rendered a number of government websites useless and was described by officials as a “very serious disturbance”.
The U.S. is particularly vulnerable, both because of the extent of interest in its activities around the world, and because of the sheer size of its systems. The Pentagon operates 3.5 million computers across 65 countries, including 35 internal networks.
Its most sensitive network, Siprnet, is for secret information, and is thought never to have been hacked. Non-classified information passes through the less secure Niprnet; it is in one segment of this network the Chinese operation is believed to have pierced.
Though the Pentagon stressed that any emails intercepted would be unclassified, that does not inherently rule out disruption. Sami Saydjari, who worked as a Pentagon cyber expert for 13 years and now runs a private company, Cyber Defense Agency, said: “If someone is able to attack information that is needed by decision makers, or that is crucial to organizing logistics and supply lines of an army on the ground, that means they can induce chaos in a nation.”
It is not clear exactly how the hackers gained access to the Pentagon. It may be they deployed the principle of “elevating privilege”, said Dan Haagman of the computer forensics company 7Safe. That would involve breaking into a single, unsecured computer used for mundane administrative tasks, then using its flaws to step across to other computers higher up the chain of command.
The pattern would be similar to that used by the British hacker Gary McKinnon, currently fighting extradition to the U.S. after allegedly breaking into Pentagon and NASA computers. In the German case, Der Spiegel said a so-called Trojan program implanted in Microsoft Word documents and PowerPoint files had been used to infect systems .
Other ways include viruses, worms, and “denial of service”, where a computer system is bombarded with so much information it becomes inoperable. “We have gone well beyond teenagers who want their egos boosted. We’re now into the organized kind of state activity that is truly serious,” said Jody Westby, at CyLab based at Carnegie Mellon University.
The U.S. strategic commander, General James Cartwright, this year gave a frank assessment in which he said that the military’s defense against cyber warfare was disjointed, passive and “dysfunctional”.
ADDY’S FOR HAIR
The Choice of Professional Models
STYLIST ASSAF HASSON
531 GEARY STREET BETWEEN JONES AND TAYLOR STREETS
Receive 10% Off Selected Services by Mentioning: SENTINEL