Highlights
– Chinese hackers reportedly partially responsible for two blackouts in the United States
– China has both the capability and the intention to cause a blackout and attack other portions of United States critical infrastructure
– Hacking has evolved from individual curiosity to a component of national power
According to a recent report published in the National Journal “the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast.”
While the extent of China’s cyber espionage campaign has been extensively documented in previous reporting from Total Intelligence Solutions (Previous Report), China’s role in the 2003 blackout throughout the Northeastern United States and the February 2008 blackout throughout Florida has not been revealed until now.
Although China’s potential role in these blackouts has not been openly discussed until now, it should come as no surprise that China would have both the intention and the capability to trigger a widespread blackout.
Unrestricted Warfare
Chinese military strategists have written at length about the PLA’s intention to employ what they term “unrestricted warfare” in future conflicts. In the book Unrestricted Warfare, authors Qiao Liang and Wang Xiangsui wrote, “this kind of war means that all means will be in readiness, that information will be omnipresent, and the battlefield will be everywhere. It means that all weapons and technology can be superimposed at will.”
Presumably, the ability to cause widespread blackouts and deprive an enemy of electricity would fall into the category of unrestricted warfare. The potential economic damage and communications disruptions resulting from prolonged blackouts would be of obvious interest to any military seeking to coerce or compel an adversary.
China’s Cyber Militia
It is a well-known fact that the Chinese government has either encouraged or done little to crack down on a robust and growing community of hackers. These hackers are thought to be primarily motivated by patriotism and are believed to have been responsible for numerous cyber attacks on US government and private sector networks. These previous attacks demonstrate that the Chinese hacking community has the capability to execute complex cyber attacks.
While the Chinese government may have directed many of these attacks, it is also possible that Chinese hacking groups from time to time take matters into their own hands and execute attacks without the direction of the government. For example, in response to perceived anti-Chinese coverage by the Western media of the recent riots in Tibet, a group of Chinese hackers called for distributed denial-of-service (DDoS) attacks against the mainstream Western media outlet CNN. It is plausible that this proposed attack was self-organized out of patriotic zeal by individual hacking groups.
Vulnerabilities in the Electric Power Industry
Furthermore, the widespread vulnerabilities in the US electricity generation and transmission infrastructure have been extensively documented. For example, a report recently released by the US Government Accountability Office (GAO) found that the Tennessee Valley Authority’s (TVA) “corporate network infrastructure and control systems networks and devices were vulnerable to disruption” (Previous Report). Moreover, the TVA’s “corporate network was interconnected with control systems networks GAO reviewed, thereby increasing the risk that security weaknesses on the corporate network could affect those control systems networks.” Cyber security experts have stated that the vulnerabilities found at the TVA are likely to be found at power plants across the country.
Furthermore, a March 2007 test by the Department of Homeland Security (DHS) dubbed the “Aurora Generator Test” revealed that large power generators used to supply electrical power to cities could be remotely attacked and disabled by knowledgeable hackers. According to hearings held by the House Homeland Security Committee’s Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology, the power industry has been slow to address the vulnerabilities exposed by the Aurora test.
Evolution of Hacking to Information Warfare
As far back as the 1980s, hacking groups like the Legion of Doom and the Masters of Deception were actively probing telecommunications networks throughout the United States. These groups were primarily probing these networks out of curiosity and in order to earn respect within the hacking community.
It should therefore come as no surprise that this probing of critical infrastructure has continued, although the goals and groups engaged in these activities have changed. We expect that other nation-states are actively developing an information warfare capability in the same vein as China’s, allowing aggressors to conduct offensive operations in cyberspace.