Feeds

The Times: PLA war-hackers can switch off US navy

Yellow Peril causes wet knickers among excited scribes

Build a business case: developing custom apps

Unnamed Pentagon figures continue to get big ink for their thesis that Chinese military cyber assault is a threat of trouser-moistening magnitude. Last week's media bandwagon, initiated after Financial Times hacks in Washington obligingly got things rolling, is now thundering along unstoppably as foaming tech-dunce scribes pile aboard.

On Friday it was The Times' turn to play ventriloquist's dummy.

"Chinese military hackers have prepared a detailed plan to disable America’s aircraft battle carrier fleet with a devastating cyber attack, according to a Pentagon report obtained by The Times," says the Thunderer.

Crikey - the aircraft battle carrier fleet, eh? (A rather excitable way, one might take it, of referring to one or more US carrier battle groups; each group consisting of a carrier plus supporting vessels. It's true that China doesn't like carrier groups, as they could interfere very seriously with any attempt to invade Taiwan.)

Anyway - a carrier fleet, or something - disabled by a devastating cyber attack? That sounds pretty scary. Normally if you were going to "disable" a US Navy carrier group you'd want an enormous air or submarine force, and/or a load of hypersonic missiles, or maybe a very large nuclear bomb; something pretty damn major. Truly, this would be a "devastating cyber attack," indeed.

And this is quality information. It's in a "Pentagon report obtained by The Times." That has to mean a serious intelligence document, surely - probably mega secret poop, the kind of thing that the US top brass rely on. It'll be pukka intel based on spy satellite intercept, maybe; or reports from undercover agents in China. Information that ordinary folk seldom see or even get to hear of, unless they're bigshot Times hacks.

Or, you know, it could be a load of old cobblers that's been kicking about in the public domain for years.

"The plan to cripple the US aircraft carrier battle groups was authored by two PLA air force officials, Sun Yiming and Yang Liping," says The Times.

How on Earth did the "Pentagon" spooks get hold of the Yellow Peril's "devastating" new "cyber attack" plan, apparently capable of reducing a hundred billion dollarsworth of sea-going hardware to an irrelevance? If the Commies had something like that they'd keep it pretty secret - you'd think. The American spies who wrote the report "obtained" by The Times must have had to do something pretty amazing to get hold of the secret Chinese plans.

Or maybe not, as in fact the "cyber attack plan" is a chapter in a technical reference book, openly produced by the Chinese academic press. Tactical Datalinks in Information Warfare was published by the Beijing Post and Telecommunications College Press in 2005.

So actually the Pentagon spies just had to buy a copy of it.

American spooks might have done that back in 2005; but if so they aren't telling. However, someone who is telling is Dr Larry Wortzel, author of the "Pentagon report" obtained by The Times. Who is Wortzel? Some kind of super-brainy Pentagon computer analyst nerd, probably. The one in the movie who gets bullied by the macho special-ops guys: but by God, he knows his computer stuff.

Or, as we have here, a retired colonel with a PhD in political science from the University of Hawaii, who has also worked at Conservative Washington thinktanks. But he's written lots of books and stuff about China; and he's read Tactical Datalinks in Information Warfare. It's terrifying stuff, he says:

"Sun Yiming and Yang Liping... have carefully consulted dozens of corporate websites and... technical manuals, to produce a virtual guidebook for electronic warfare and jamming to disrupt critical US... communications, computers, and intelligence..."

The inscrutable little fiends! They've looked at our God-damn websites! And our tech manuals, which we often publish openly! Aiee!

Well, that's it. The US Seventh Fleet may as well pack up and go home; a couple of PLA guys have done a Google search and written a book. All the hundreds of intensively trained electronic warfare guys in each fleet, and all their billion-dollar, triply-encrypted megawatt deathware have been sidestepped. And bizarrely, the PLA have chosen to publish their cyber attack plan to the world.

This is, not to put too fine a point on it, crap. The PLA have next to no chance of seriously threatening the US navy any time soon. And if they did, they'd scarcely publicise their methods. And if that happened, you'd scarcely expect the Pentagon to be relying on political-science thinktank blowhards to analyse such a deeply technical matter for them. And then, supposing all of that had occurred, you wouldn't think the American brass would let their important intel get handed out to the British press.

Again, they didn't. The "Pentagon report obtained by The Times" is a chapter written by Wortzel in a paper published last week by the Strategic Studies Institute of the US Army war college. The Institute is a defence-talking shop similar in nature to the UK's Royal College of Defence Studies: a place where senior government types go to have seminars and do courses and so on. In his screed, Wortzel cut-and-pastes in the same text on Yiming and Liping's book that he used in a previous mongraph of his last May, discussing the Chinese nuclear forces. Those two Chinamen will do to big up any threat you like, it seems.

OK, theoretically this is a "Pentagon report," as the Institute is Pentagon-funded. The Reg has "obtained" the document too, by downloading it (pdf - page 197). It would be a lot more honest, though, to call it an essay, or a whitepaper, or a load of old strat-studies waffle.

So let's just run that first Times paragraph through the translator.

"Chinese military technicians wrote a book on electronic warfare two years ago, according to a bloke with a PhD in politics. We downloaded some of his stuff. He reckons the Chinese are getting more tech savvy."

That's pretty weak. So is the rest of the piece:

"The Pentagon logged more than 79,000 attempted intrusions in 2005 ... The Pentagon uses more than 5 million [networked] computers."

That seems to be about 0.01 attempted intrusions per computer per year: an unbelievably low figure. If it's actually true, the US military can relax.

The "cyber war" against Estonia last February gets trotted out yet again, too. "A massive cyber attack on Estonia by Russian hackers demonstrated how potentially catastrophic a preemptive strike could be on a developed nation," says the The Times. Blimey, yes; there's nothing north of Latvia but ruins, nowadays.

Apparently Linton Wells, "the chief computer networks official at the Pentagon," said that the Estonia attacks “may well turn out to be a watershed in terms of widespread awareness of the vulnerability of modern society".

That seems to be true; many people are actually becoming less aware of the world around us, and bumbling off into some cloud-cuckoo land where the PLA can switch off a carrier strike force at the click of a mouse. This problem is probably most widespread among Times readers.®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?