FreeLists / cybercrime-alerts / CIA Warns of Chinese Plans for Cyber-Attacks on U.S.

[alerts@xxxxxxxxxxx]

* My Tech NewsLetter is at http://theMezzenger.com *

CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
Defense: Analysts fear government and private efforts to sabotage federal 
Internet sites.
By ERIC LICHTBLAU
TIMES STAFF WRITER

April 25 2002

WASHINGTON -- U.S. intelligence officials believe the Chinese military is 
working to launch wide-scale cyber-attacks on American and Taiwanese computer 
networks, including Internet-linked military systems considered vulnerable to 
sabotage, according to a classified CIA report.

Moreover, U.S. authorities are bracing for a possible wave of hacking attacks 
by Chinese students against the United States in coming weeks, according to the 
analysis. The confidential alert, which was reviewed by The Times, was sent to 
intelligence officials a week ago.

Although U.S. officials have voiced concerns about individual hackers in China 
who have defaced federal and private Web sites, the United States has resisted 
publicly linking the Chinese government to those attacks or to broader 
cyber-style warfare. The new CIA report, however, makes clear that U.S. 
intelligence analysts have become increasingly concerned that authorities in 
Beijing are actively planning to damage and disrupt U.S. computer systems 
through the use of Internet hacking and computer viruses.

Although the assessment concludes that China has not yet acquired the technical 
sophistication to do broad damage to U.S. and Taiwanese systems, it maintains 
that this is the "intended goal" of the People's Liberation Army in China. "The 
mission of Chinese special forces includes physical sabotage" of vulnerable 
systems, the report says--which some analysts said is driven by China's 
hostility toward Taiwan.

The Chinese Embassy in Washington insisted Wednesday, however, that Beijing is 
only conducting computer research that is strictly defensive in nature.

"It is not the Chinese government's policy to disrupt the computer system of 
any other country," said Larry Wu, an official in the embassy's science and 
technology section.

"We do research on the security of computers, of course--self-defense to 
understand how a hacker can get into our computer systems so we can defend it," 
he said. "But China has never assumed an offensive stance with regards to 
computer technology."

But several specialists in Chinese security and military affairs said the CIA's 
conclusions jibe with their own observations about China's research into 
offensive-minded cyber-tools.

"We should be very worried about this issue," said James Mulvenon, a China 
analyst at the Rand Corp. think tank who has done extensive studies into 
Chinese computer capabilities.

Taiwan, which China regards as a renegade province, appears to be the driving 
force behind the Chinese interest in hacking and viruses, Mulvenon said. Under 
one scenario, if China were to make good on its long-standing threat to invade 
Taiwan, the Chinese military could then seek to deploy widespread computer 
disruptions against American and Taiwanese military systems to slow any effort 
by U.S. forces to intervene in Taiwan's defense, he said.

The issue threatens to inflame what are invariably tense relations between the 
United States and the Communist regime in China, relations already frayed by a 
volley of charges and counter charges during the last several years over 
alleged nuclear, military and political espionage.

Relations hit a low point last year after a U.S. spy plane collided with a 
Chinese jet fighter, triggering an international standoff over the return of 
the plane's 24 Navy crewmen. China detained the crew members for 11 days and 
returned the disassembled plane months later.

Recent months have seen a warming in relations as the Bush administration 
secured China's cooperation in the war on terrorism. But China has become upset 
by what it sees as the White House's increasingly favorable overtures toward 
Taiwan.

The CIA's assessment discusses Taiwan and the United States, revealing that 
U.S. intelligence officials believe both are targets of the Chinese military.

"The People's Liberation Army does not yet have the capability to carry out its 
intended goal of disrupting Taiwanese military and civilian infrastructures or 
U.S. military logistics using computer virus attacks," said the CIA's report, 
which was included in a broader national security assessment that authorities 
distributed to intelligence officials.

"China's virus attack capabilities are similar to those of sophisticated 
hackers and are limited to temporary disruption of sectors that use the 
Internet," the CIA review said. "A Chinese virus attack is capable of reaching 
e-mail communications, lap tops brought into China, and U.S. Internet-based 
military computers."

A U.S. intelligence official who was briefed on the issue but asked not to be 
identified said analysts believe that, although the most sensitive U.S. 
military databases are secure from hackers and viruses, Internet-based military 
systems that are used for communications with bases around the world and with 
outside military vendors could be vulnerable.

"These aren't the keys to the kingdom we're talking about," the official said. 
"There's no danger that the Chinese are going to hack into our nuclear launch 
codes, but there is the danger they could gather useful intelligence from 
penetrating some of the less sensitive networks that the Department of Defense 
utilizes all over the world."

Recent U.S. intelligence indicates, the official said, "that the Chinese 
government is actively and aggressively working on their cyber-war capability. 
They have a lot of people and a lot of brainpower, and they're smart enough to 
appreciate that a significant aspect of any future armed conflict is going to 
be cyber in nature."

Another government official who asked not to be identified cautioned, however, 
that the immediate threat posed by Chinese computer disruptions is fairly 
limited.

"This is something we're certainly concerned about. But in terms of their being 
able to disrupt Taiwan or U.S. military and civilian infrastructure, they can't 
do it yet. That's the story."

The concept of nations launching cyber-attacks against their enemies is a 
relatively new phenomenon, but it is drawing rising concern from U.S. 
authorities as they assess vulnerability in the national computer 
infrastructure. In an effort to beef up security, budget planners are 
projecting an increase of more than 50% next year in overall computer security, 
bringing the total to more than $4 billion.

The CIA report does not reveal how intelligence analysts arrived at their 
conclusions, and Jonathan Pollack, chairman of the strategic research 
department at the Naval War College, cautioned that there are still many 
unanswered questions about China's plans.

"China is still an issue that worries Americans deeply, and sometimes the 
intelligence community gets a head of steam on these things and can go off on 
tangents that may not be substantiated," he said.

Last year, the spy plane confrontation triggered an avalanche of about 1,200 
attacks against U.S. government and commercial Web sites that were disrupted or 
defaced. Many of the attacks appeared to have been generated by students in 
China, with private hackers leaving patriotic pro-China messages or vowing 
revenge for the death of a Chinese pilot in the plane collision. Several 
hundred attacks on Chinese Web sites were blamed on American hackers, although 
some U.S. technology experts discounted that explanation.

The CIA assessment said China's "nonstate hacking community continues to pose 
the most immediate threat to U.S. computer networks."

It went on to warn that hackers in China "appear to be organizing for 
cyber-attacks again this spring, particularly during student breaks early next 
month and around the anniversary of the EP-3 [surveillance plane] incident."

The anniversary of the EP-3 collision passed uneventfully this month. But 
private security groups say they too have picked up on possible Chinese-based 
attacks in coming weeks--tied to the plane episode as well as China's national 
youth day on May 4 and the May 8 anniversary of the U.S.'s accidental bombing 
of the Chinese Embassy in Belgrade in 1999.

"We're warning our people about it and making sure everyone has their Web sites 
updated with the proper patches" to guard against denial-of-service attacks and 
other hacking, said Michael Cheek, director of intelligence for iDefense, a 
security intelligence service that has government and corporate clients around 
the world.

The U.S. intelligence official said that analysts suspect last year's hackings 
had the "tacit blessing," and even perhaps the active involvement, of the 
Chinese government.

Indeed, a report due out next month from Mulvenon and the Rand Corp., which 
does research for the U.S. government, will allege that the Chinese government 
was directly involved in at least one round of hack attacks.

After a spate of attacks against Web sites in the United States, Australia, 
Canada and England maintained by the Falun Gong religious movement--which China 
considers an "evil cult"--Mulvenon said his investigation unearthed evidence 
showing that at least one U.S. attack originated with the Chinese Ministry of 
Public Security.

"It's very clear to us that this was the ministry's doing, and it was a 
deliberate attempt to smear Falun Gong," he said.
If you want other stories on this topic, search the Archives at 
latimes.com/archives. For information about reprinting this article, go to 
www.lats.com/rights.





--
This was sent to you from http://theMezz.com
To Subscribe/Unsubscribe go to http://techPolice.com