Feeds

Chinese and US military square off for cyber war games

Tensions mount as APT attacks continue

3 Big data security analytics techniques

The United States and Chinese military have been locking horns in secret cyber warfare exercises designed to help prevent the outbreak of real war between the two.

The Guardian revealed that two so-called war games were carried out last year through intermediary and Washington think-tank the Center for Strategic and International Studies (CSIS) and organised with the help of the Beijing-based China Institute of Contemporary International Relations.

State department and Pentagon officials reportedly took part in the meetings with their Chinese counterparts in Bejing last June.

The first exercise required both sides to explain what steps they would take if attacked with a Stuxnet-like virus, while the second went further by asking them what they would do if it became clear the attack had been launched by the other country.

The US apparently agreed to the exercises in the hope of airing its frustrations at the growing number of cyber attacks aimed at its government, critical infrastructure and other organisations, but unsurprisingly its efforts appear to have hit another Chinese brick wall.

"China has come to the conclusion that the power relationship has changed, and it has changed in a way that favours them. The [People's Liberation Army] is very hostile. They see the US as a target. They feel they have justification for their actions. They think the US is in decline," CSIS director Jim Lewis told the paper.

“The Chinese are very astute. They send knowledgeable people. We want to find ways to change their behaviour ... [but] they can justify what they are doing. Their attitude is, they have experienced imperialism and they had a century of humiliation."

Although another exercise is reportedly scheduled for May, there is little sign that efforts – purportedly by the Chinese government, its allies, or those in its employ – to steal military and other strategically valuable information from the US mainly via advanced persistent threat (APT) attacks which are designed to go unnoticed.

The most recent piece of research of note was a paper (PDF) from defence contractor Northrop Grumman which claimed that the PLA’s advanced information warfare capabilities represent a “genuine risk” to the US military in the event of a conflict.

It went on to claim that the commercial IT sector in China and academic institutions have helped boost the military’s R&D efforts in this area and warned that Chinese-made tech kit could also present a security risk if used in mission-critical environments.

In the face of such a formidable foe, it is probably of some comfort to the US and its allies that all is not completely tip-top in the PLA.

A new report for global mag Foreign Policy revealed that, according to one senior PLA general, widespread corruption in the Chinese military could cripple its ability to wage war successfully.

China has, of course, denied it is involved in any cyber espionage and indeed frequently portrays itself as the victim of attack.

A report last month from the government’s National Computer Network Emergency Response Technical Team and Coordination Center claimed that attacks on Chinese bodies from outside of its borders jumped from five million in 2010 to 8.9 million last year. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.