Jonathan Evans, the Director-General of MI5, recently sent a confidential letter to 300 British firms warning them that they were under constant cyber attack from “Chinese state organizations.”
While many in the US, UK, and German governments have informally accused the Chinese government of cyber espionage, Director-General Evans is the first official to go on record and directly accuse the Chinese of cyber espionage actions.
Previous Accusations
The People’s Liberation Army (PLA) and other Chinese state institutions are believed to be largely responsible for cyber attacks against the following states:
– United States (Previous Report)
– Germany (Previous Report)
– Britain (Previous Report)
– France (source)
– Australia (source)
– New Zealand (source)
More than China
While China draws a majority of the attention for its international cyber espionage campaign, many experts have noted that other countries may be developing an offensive cyber espionage and cyber warfare capability. In McAfee’s annual Virtual Criminology report, Peter Sommer, a technology expert from the London School of Economics stated, “there are signs that intelligence agencies around the world are constantly probing other governments’ networks looking for strengths and weaknesses and developing new ways to gather intelligence.”
More than Espionage
Governments are not only interested in using offensive cyber warfare tactics to enable espionage but may also develop cyber tactics to fight militarily. According to the McAfee report, “Evidence suggests that governments and government-allied groups are now using the Internet for espionage and cyber attacks on the critical national infrastructure (financial markets, utility providers, air traffic control) of other countries.”
It stands to reason that a country with a developed cyber espionage capability may also be interested in developing a cyber warfare capability. In this context cyber espionage is the passive theft of a rivals data, while cyber warfare would be the active manipulation or destruction of a rivals data.
Many of the skills and techniques required for cyber espionage are the same skills and techniques required for cyber warfare. For example, both cyber espionage and cyber warfare require a sophisticated reconnaissance and infiltration capability to probe for vulnerabilities and gain access to a targeted system. Once access is achieved a hostile actor is able to either steal data (cyber espionage) or manipulate/destroy data (cyber warfare).
The Example of Estonia
The May 2007 cyber attack on Estonia may serve as the model for future conflicts. During these attacks, which many believe were organized in part by Russia, the access to the electronic infrastructure of the Estonian government, as well as the county’s media outlets, communications companies, financial institutions, and emergency services were all disrupted (Previous Report).
The attacks were all likely similar to many of the cyber espionage attacks attributed to China as some form of reconnaissance and infiltration preceded them.
As such, it is expected that more countries will continue to develop cyber espionage techniques for attacks like those witnessed in Estonia.