Feeds

Chinese and US military square off for cyber war games

Tensions mount as APT attacks continue

High performance access to file storage

The United States and Chinese military have been locking horns in secret cyber warfare exercises designed to help prevent the outbreak of real war between the two.

The Guardian revealed that two so-called war games were carried out last year through intermediary and Washington think-tank the Center for Strategic and International Studies (CSIS) and organised with the help of the Beijing-based China Institute of Contemporary International Relations.

State department and Pentagon officials reportedly took part in the meetings with their Chinese counterparts in Bejing last June.

The first exercise required both sides to explain what steps they would take if attacked with a Stuxnet-like virus, while the second went further by asking them what they would do if it became clear the attack had been launched by the other country.

The US apparently agreed to the exercises in the hope of airing its frustrations at the growing number of cyber attacks aimed at its government, critical infrastructure and other organisations, but unsurprisingly its efforts appear to have hit another Chinese brick wall.

"China has come to the conclusion that the power relationship has changed, and it has changed in a way that favours them. The [People's Liberation Army] is very hostile. They see the US as a target. They feel they have justification for their actions. They think the US is in decline," CSIS director Jim Lewis told the paper.

“The Chinese are very astute. They send knowledgeable people. We want to find ways to change their behaviour ... [but] they can justify what they are doing. Their attitude is, they have experienced imperialism and they had a century of humiliation."

Although another exercise is reportedly scheduled for May, there is little sign that efforts – purportedly by the Chinese government, its allies, or those in its employ – to steal military and other strategically valuable information from the US mainly via advanced persistent threat (APT) attacks which are designed to go unnoticed.

The most recent piece of research of note was a paper (PDF) from defence contractor Northrop Grumman which claimed that the PLA’s advanced information warfare capabilities represent a “genuine risk” to the US military in the event of a conflict.

It went on to claim that the commercial IT sector in China and academic institutions have helped boost the military’s R&D efforts in this area and warned that Chinese-made tech kit could also present a security risk if used in mission-critical environments.

In the face of such a formidable foe, it is probably of some comfort to the US and its allies that all is not completely tip-top in the PLA.

A new report for global mag Foreign Policy revealed that, according to one senior PLA general, widespread corruption in the Chinese military could cripple its ability to wage war successfully.

China has, of course, denied it is involved in any cyber espionage and indeed frequently portrays itself as the victim of attack.

A report last month from the government’s National Computer Network Emergency Response Technical Team and Coordination Center claimed that attacks on Chinese bodies from outside of its borders jumped from five million in 2010 to 8.9 million last year. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.