The accusations against the Peoples Liberation Army (PLA) cyberwarfare activities have continued to accumulate. In the past month, unnamed officials in the US and UK government, as well as members of the German government have accused China’s military of sponsoring a concerted, coordinated, and determined campaign of cyber-espionage.
• We believe that China will continue this campaign of cyber espionage as long as they calculate the rewards of this espionage outweigh the risks.
• We believe other governments will invest resources into developing and implementing cyber warfare campaigns designed to steal sensitive information.
• We do not believe the Chinese government is interested in disrupting US government data access.
China’s Targets
US Department officials recently acknowledged that they have compiled evidence demonstrating the PLA’s hand in a June 2007 attack against the Pentagon. The Pentagon stated that the email system in the Office of the Secretary of Defense was taken offline as a result of this attack. These attacks are likely apart of to an ongoing series of attacks targeting the US government, as well as prominent defense contractors (Previous Report).
The German government has also announced that it has detected a coordinated series of attacks believed to have originated in China (Previous Report).
Finally, the UK government has also accused the Chinese of carrying out an ongoing campaign cyber attacks designed to steal sensitive information (Previous Report).
Some US government officials have pointed out the PLA has demonstrated an ability to not only steal data from the penetrated networks, but also potentially disable service on these penetrated US government networks. However, the Chinese are likely more interested in quietly stealing data and less interested in disrupting service on these compromised networks. A coordinated denial of service attack on the US government that was attributed to China would likely provoke a stern military response. Instead the Chinese likely recognize the value in a quiet and ongoing espionage campaign.
China’s Goals
While China has denied involvement in these intrusions and data thefts, the preponderance of evidence indicates that the Chinese military is either sponsoring or tactically approving these attacks.
The Chinese military has surely recognized the high reward and low risk nature of cyber espionage. These attacks allow the Chinese military to steal an incredible volume of data at a very low cost without the risk typically associated with such an aggressive espionage campaign. As the espionage campaigns of the Cold War demonstrated, traditional espionage carried with it risks of arrests, detentions, expulsions, and public démarches. Modern day espionage campaigns as demonstrated by these coordinated attacks attributed to the Chinese, are less expensive and less risky but equally if not more productive.
A Look Ahead
As more information is digitized and stored on computers connected to the Internet, the easyease of conducting in data theft increases. History has demonstrated that the only secure computer is the computer that is turned off and not connected to the Internet. As a result, as long as governments store sensitive information online we believe hostile governments will endeavor to steal this information.