Cyberwar: A cybersecurity firm reports a secretive Chinese military unit is behind many recent "hack attacks" into U.S. computers, stealing trade and military secrets and developing a potentially crippling new weapon.
In a 2009 editorial we noted that units of China's armed forces, whom we dubbed its "Cybertooth Tigers" were developing capabilities to penetrate and potentially disrupt U.S. computer systems as part of the People's Liberation Army's focus on what is known as "asymmetrical" warfare, specifically cyber-warfare.
At least as far back as the 2008 edition of the Pentagon's annual report to Congress entitled "Military Power of the People's Republic of China," it was noted that China's armed forces and other entities "continue to develop and field disruptive military technologies, including those for ... cyberwarfare .. . ."
In future conflicts, the ability to shut down an opponent's command and control systems or its power grids could be as decisive as any traditional engagement on the battlefield. Short of that, the ability to steal another country's business and state secrets is a valuable economic and military asset as Beijing seeks to make the 21st century a Chinese one.
In a 74-page study released Tuesday, the Alexandria, Va.-based cybersecurity firm Mandiant places responsibility for the overwhelming number of cyberattacks on U.S. companies and government agencies at the feet of the 2nd Bureau of the People's Liberation Army General Staff's 3rd Department, most commonly known as Unit 61398, whose work is a Chinese state secret and appears to receive "direct government support."
Unit 61398 "has systematically stolen hundreds of terabytes of data from at least 141 organizations," in diverse industries, said the report.
"It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively," it said. One terabyte is equal to 1,000 gigabytes.
At least 116 of the attacks have targeted organizations and industries in the U.S.
Mandiant's report shows that what has been perceived in some quarters as some sort of a benign Chinese cottage industry is an organized effort largely managed by the Chinese government with huge global economic and strategic implications.
"Once (Unit 61398) has established access (to a target network), they periodically revisit the victim's network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contacts lists from victim organizations' leadership," the report reads.
Michigan Republican Rep. Mike Rogers, who sponsored the Cyber Intelligence Sharing and Protection Act (CISPA), which was eventually tabled in the House, said, "China has stolen so much intellectual property that it would be considered 50 times the print collection of the United States Library of Congress."
As we've noted, the Chinese cyberthreat is not just economic. In a speech at the Intrepid Sea, Air and Space Museum in New York in October, outgoing Defense Secretary Leon Panetta said the U.S. was facing the possibility of a "cyber-Pearl Harbor" and was increasingly vulnerable to foreign computer hackers who could dismantle the nation's power grid, transportation system, financial networks and government.
Like the Stuxnet virus that targeted Iran's nuclear program, computer hackers and the viruses they produce can potentially shut down key U.S. installations.
A March 2007 video of a test by the Idaho National Laboratory shows what kind of damage can be done by a cyberattack.
The video showed a power turbine spinning out of control, becoming a smoking hulk and shutting down as a result of a test cyberattack. China continues to develop new ways to attack us economically and militarily.
Unless we are prepared, our next Pearl Harbor may not begin with an ominous "Tora, Tora, Tora" but with the innocent sounding, "You've got mail."
