Feeds

Chinese tech firms fingered for military collaboration

US defence report alleges firms help army's R&D

Intelligent flash storage arrays

The People’s Liberation Army is actively arming and developing its soldiers with advanced information warfare capabilities which would represent a “genuine risk” to US military operations in the event of a conflict, a new report has alleged.

Contractor Northrop Grumman’s detailed 136-page report (PDF) for the US government on the cyber threat posed by China was released on Thursday.

The contractor asserts that the People’s Republic has come to believe that information warfare (IW) and computer network operations (CNO) are a vital part of any military operation and are integrating them with traditional components under a framework known as “information confrontation”.

It argues that the Chinese military is constantly evaluating US command and control infrastructure and will therefore likely “target these system with both electronic countermeasures weapons and network attack and exploitation tools” in the event of a conflict.

As Chinese capabilities in joint operations and IW strengthen, the ability to employ them effectively as either deterrence tools or true offensive weapons capable of degrading the military capabilities of technologically advanced nations or hold these nations’ critical infrastructure at risk in ways heretofore not possible for China will present US leaders and the leaders of allied nations with a more complex risk calculus when evaluating decisions to intervene in Chinese initiated conflicts such as aggression against Taiwan or other nations in the Western Pacific region.

The report also reveals the extent to which China’s military relies on academia and the commercial IT sector to boost R&D efforts; according to the contractor, 50 state universities are receiving grants to help them carry out information security and warfare research.

Huawei, ZTE and Datang are also all named in the report as having close collaborative ties with the PLA, with the former named as an “advanced source of technology” for the military.

Rather than isolate certain state owned IT firms as exclusively “defense” in orientation, the PLA, often operating through its extensive base of R&D institutes, alternately collaborates with China's civilian IT companies and universities and benefits as a customer of nominally civilian products and R&D. The military benefits because it receives the access to cutting edge research. This work is often carried out by Chinese commercial firms with legitimate foreign partners supplying critical technology and often sharing the cost of the R&D.

A secondary benefit to the PLA of this strategy is the ready access to the latest commercial off-the-shelf (COTS) telecommunications technology brought in by China's access to the foreign joint ventures and international commercial markets.

The report goes on to warn that joint ventures of the Symantec Huawei type could lead to a risk of intellectual property theft and long-term erosion of competitiveness for Western firms.

The close relationship between China’s large multinational telecoms and hardware-makers and the PLA also creates a potential for state-sponsored or directed attacks against the supply chain for equipment used by military, government and private industry, the report warns.

This is, of course, all territory we’ve visited before, with the US House of Representatives already investigating (PDF) the national security risk posed by the likes of Huawei and ZTE, although the report should get more than a cursory read in Washington, given its author and the amount of detail it goes into.

Huawei in particular has come in for a huge amount of scrutiny, given president and CEO Ren Zhengfei served in the People’s Liberation Army while a US intelligence report last year tied chairwoman Yun Safang to the mysterious Ministry of State Security.

The firm was even forced to walk away from a proposed acquisition of server biz 3Leaf after pressure from the United States government.

It’s also interesting to compare the current Northrop Grumman report with its 2009 predecessor (PDF), which was much more circumspect about the role of academia and especially commercial technology enterprise in China’s military affairs.

These reports focus entirely on the threat posed by China, of course, so there is no mention of the fact that the US, UK and other nations obviously have their own offensive and defensive cyber warfare strategies.

The UK coalition takes this sort of thing particularly seriously, having upgraded cyber attacks to a tier-one threat, and in its Cyber Security Strategy released in November 2011 explained that GCHQ would be receiving more funds to help it detect attacks and counter-attack.

The document also revealed a new Cyber Defence Operations Group would be installed at the Ministry of Defence from next month. Overseen by Air Marshall Sir Stuart Peach, head of the new Joint Forces Command, the group will have a mission to develop "new tactics, techniques and plans to develop military cyber capabilities”.

For its part, China has always vehemently denied any allegations that it is involved in state-sponsored hacking, most notably last June when the Chinese ambassador told attendees at the Worldwide Cybersecurity Summit that the country was fully supportive of the fight against cyber crime.

It has been a little more reticent in explaining developments in the military, however. ®

Internet Security Threat Report 2014

More from The Register

next story
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.