Feeds

Chinese and US military square off for cyber war games

Tensions mount as APT attacks continue

The Essential Guide to IT Transformation

The United States and Chinese military have been locking horns in secret cyber warfare exercises designed to help prevent the outbreak of real war between the two.

The Guardian revealed that two so-called war games were carried out last year through intermediary and Washington think-tank the Center for Strategic and International Studies (CSIS) and organised with the help of the Beijing-based China Institute of Contemporary International Relations.

State department and Pentagon officials reportedly took part in the meetings with their Chinese counterparts in Bejing last June.

The first exercise required both sides to explain what steps they would take if attacked with a Stuxnet-like virus, while the second went further by asking them what they would do if it became clear the attack had been launched by the other country.

The US apparently agreed to the exercises in the hope of airing its frustrations at the growing number of cyber attacks aimed at its government, critical infrastructure and other organisations, but unsurprisingly its efforts appear to have hit another Chinese brick wall.

"China has come to the conclusion that the power relationship has changed, and it has changed in a way that favours them. The [People's Liberation Army] is very hostile. They see the US as a target. They feel they have justification for their actions. They think the US is in decline," CSIS director Jim Lewis told the paper.

“The Chinese are very astute. They send knowledgeable people. We want to find ways to change their behaviour ... [but] they can justify what they are doing. Their attitude is, they have experienced imperialism and they had a century of humiliation."

Although another exercise is reportedly scheduled for May, there is little sign that efforts – purportedly by the Chinese government, its allies, or those in its employ – to steal military and other strategically valuable information from the US mainly via advanced persistent threat (APT) attacks which are designed to go unnoticed.

The most recent piece of research of note was a paper (PDF) from defence contractor Northrop Grumman which claimed that the PLA’s advanced information warfare capabilities represent a “genuine risk” to the US military in the event of a conflict.

It went on to claim that the commercial IT sector in China and academic institutions have helped boost the military’s R&D efforts in this area and warned that Chinese-made tech kit could also present a security risk if used in mission-critical environments.

In the face of such a formidable foe, it is probably of some comfort to the US and its allies that all is not completely tip-top in the PLA.

A new report for global mag Foreign Policy revealed that, according to one senior PLA general, widespread corruption in the Chinese military could cripple its ability to wage war successfully.

China has, of course, denied it is involved in any cyber espionage and indeed frequently portrays itself as the victim of attack.

A report last month from the government’s National Computer Network Emergency Response Technical Team and Coordination Center claimed that attacks on Chinese bodies from outside of its borders jumped from five million in 2010 to 8.9 million last year. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.