China's Cyber-Warfare Capabilities Overstated

An anonymous reader writes "A new paper argues that China's cyber-warfare capability is actually pretty poor. '[China has] evinced little proficiency with more sophisticated hacking techniques. The viruses and Trojan Horses they have used have been fairly easy to detect and remove before any damage has been done or data stolen. There is no evidence that China's cyber-warriors can penetrate highly secure networks or covertly steal or falsify critical data,' the paper reads (PDF). 'They would be unable to systematically cripple selected command and control, air defense and intelligence networks and databases of advanced adversaries, or to conduct deception operations by secretly manipulating the data in these networks.'"

Yeah

[fragfoo]

Thats what they want you to think.

Re:

[notgm]

no, *that's* what they want you to think.

Re:

[SharkLaser]

No, US wants people to think China is some powerful enemy and that cyberwar is constant threat. This enables them to pass new more powerful laws, keeps citizens in constant fear and allows US to use things like Stuxnet against Iran.

Re:

[ackthpt]

No, US wants people to think China is some powerful enemy and that cyberwar is constant threat. This enables them to pass new more powerful laws, keeps citizens in constant fear and allows US to use things like Stuxnet against Iran.

All US has to do is shut off a range of IP addresses from Mainland China - that would pretty much stop it. Drastic, yes, but perhaps they day will come. The US Government threatens some IP addresses in Russia, from time to time, so they certainly have dictated to those who route traffic they had best have some controls and a switch for Washington to flip if and when it wants to. Can't say I'd find the concept hard to believe.

It's actually all coming from an attempt by Elma Sniddle to hack a C64 ...

Re:

[SharkLaser]

Yes, because Chinese army is obviously attacking from their own IP addresses.

Re:

[RenderSeven]

But, actually, they do. Dont know if they're naive or overconfident or just dont give a shit, but when I look at attacks on my firewall on a given day the source IP's all trace back to China. Maybe a couple from Korea or Eastern Europe, but 95% of the stuff I see is from China. Maybe its haxorz in Iowa using compromised servers in Beijing but... well, no, its not. Its China attacking from their own IP addresses.

Re:

[Anonymous Coward]

China has a high software piracy rate, many systems are still running Windows XP, some without any service packs. They also have fairly large pipes that provide quicker scanning from an attackers perspective. Couple this with the fact that the compromised box is in China, and i doubt the authorities would release any sort of connection logs to the USA, or other nations.. It's pretty plausible the attackers are not actually even in China - just suing a compromised box there.

Re:

[Anonymous Coward]

You're painting a scene of isolated/unrelated computers around China being hapless members of some great botnet out of reach of Chinese authorities, yet most of these attacks are traced to Chinese universities, and you can be sure those universities are running firewalls and running secured operating systems more often than the general public.

I question your veracity and motivation.

Re:

[euyis]

From my first hand experience: Wrong. Internal networks of many Chinese educational institutions are total hell with all kinds of worms and trojans roaming around.

"Never ascribe to malice that which is adequately explained by incompetence."

Re:

[SharkLaser]

Yeah.. a hacker who wants to hide his tracks would NEVER choose China! It's much better to proxy via country that actually will investigate you!

Re:

[Oxford_Comma_Lover]

A rational nation-state planning for possible cyberwar would have domestic attacks preprogrammed to act in the event of significant (perhaps more than a few days, and with a backup in-country operator) disruption of links to the offensive nation. A communications disruption can mean only one thing...

Re:

[fragfoo]

Got to love guys correcting missing apostrophes but don't care to start phrases with a capital letter.

Re:

[Synerg1y]

You can tell that to the Chinese when they invade.

Re:

[TheCouchPotatoFamine]

whargharrrbal-delight!

Re:

[WRX Gav]

Is the absence of evidence evidence of absence?

Re:

[fragfoo]

Do i *really* have to put smilies for people to understand a funny statement?

Re:

[cavreader]

Well since it was on Slashdot and especially since it was on the Internet it must mean the story is perfectly true. No one has offered any proof except links to other Internet sites with the same story. Well I guess if it is on more than one web page it is doubly true.

Stop using term cyber

[h4rr4r]

Can we all just agree not to use the word "Cyber" anymore? It sound like some sort of silly late 80s early 90s grade B film.

Re:

[oodaloop]

Agreed. What is your proposed alternative?

Re:

[jd]

That's only OK if China's national anthom is "Close to the Edit".

Re:

[sycodon]

That's a genre of music isn't it? Not very good music either.

Uh Oh. Now, I'll be moded flamebait by some aging punk rocker who switched to techno.

Re:

[h4rr4r]

Online, electronic, internet, or lots of other normal words that can already describe these sort of things. No new alternative is needed.

Re:

[SharkLaser]

Online sex.. hm, no please.
Electronic sex.. hm, it could be kinky, but no thanks.
Internet sex.. well that's just boring.

Now cybersex. That's something, and it's kinky too!

Re:

[alamandrax]

How about Technosex?

Re:

[tehcyder]

How about Technosex?

A/S/L?

Re:

[oodaloop]

All of which have prior meanings.

"Online warfare" - Would that include stuxnet, which attacked stand alone systems and needed to be airgapped over?

"Electronic warfare" - Lots of prior art here. This includes stuff like radar jamming. Oh, and my calculator, thermostat, and car navigation system are electronic. Are they now in this war?

"Internet warfare" - What is that, World of Warcraft? Flame wars?

Changing a name in midstream, so to speak, would add to the confusion for most people, not decrease it.

Re:

[CyberBill]

awwwww...

Re:

[Aighearach]

I'll agree to give it up as an adjective, but the verb is here to stay.

Would you rather?

[SniperJoe]

Personally, I'd rather we far overstated China's abilities and designed our systems to counter such a threat.

Would you rather overestimate their abilities or underestimate them?

Re:Would you rather?

[Fluffeh]

I wouldn't be so sure that it is the case. Given my experience with a few large scale projects, the ineptitude of middle managers and a summary of what was provided as a solution for what price, I would worry about how much it would end up costing a government to make systems "impregnable". While I could well be wrong, but I wouldn't at all be surprised if the final cost of such an undertaking ended up being simply astronomical.

If you worry too much about your neighbour getting too much advantage in manufacturing, stop buying ALL their stuff and stop sending your designs to be made there then sold back to your own country. It's not an easy fix, it's not a short term fix, but if a country doesn't have markets for anything and everything they sell, they won't be raking in all that much money - meaning that you can once again sit unfettered on the top of the SuperPower steps.

Re:

[mjr167]

It's actually pretty easy... you don't connect it to the internet.

Re:

[vux984]

Personally, I'd rather we far overstated China's abilities and designed our systems to counter such a threat.

So, like terrorism, then?

Do you really want the TSA administering network security as well?

Re:

[Bucky24]

Well they'd probably just set up some sort of privacy invasive scanner to scan every packet you send to make sure the packet isn't carrying questionable material.... Wait a minute don't certain ISPs do this already?

Re:

[vux984]

That's just the start.

I mean, consider that you aren't allowed to board a plane with dangerous objects like nail clippers or a can of sprite.

Do you really think they'd allow you to connect a personal computer that they didn't completely control to any network in their jurisdiction?

Good God man, you can't just attach your laptop to the internet... you could be the pawn of a chinese hacker group and that laptop could be full of attack tools. Better not chance it. You aren't allowed on the network.

Re:

[Bucky24]

Haha that's funny you'd say that.... I actually got on a plane with nail clippers a few months ago (I forgot they were in my carry-on). TSA agent took my shampoo... my toothpaste (I also forgot about the "no liquids" thing. Apparently toothPASTE is a liquid). But they left my nail clippers... I mean if I had a mind to I could have busted those babies out on the plane and... Cut some serious nails I guess?

Perhaps the Mig-25 is a better comparison

[perpenso]

I get your point but I'd prefer to compare it to the overestimation of the Mig-25's capabilities. This seems more appropriate since it offers a comparable state vs state situation. So the Mig-25 is overestimated, the F-15 is designed to handle this "threat", and the F-15 go on to have a kill/loss ratio of 104:0. It seems there is something to be said for overestimating a potential foe.

Re:

[Synerg1y]

I'm sure the states have a plan to disable china's internet access physically, no system is impenetrable.

Re:

[jd]

It depends on whether it's done for action or voter consumption. For the former, I'd far prefer it to be overestimated and dealt with. However, I despair of DHS or DoD actually being capable of countering anything more threatening than house flies.

For voter consumption, I'd far prefer there to be no estimate at all. The use of estimates to manipulate the population is very Humphrey Appleby. It is Psych Ops against the population the government is sworn to protect and serve, regardless of which way it is don

Re:

[Johnny Mnemonic]

Neither. We have limited resources to defend our interests. If we overspend on an exaggerated cyber threat from China, we must needs reduce the resources allocated to something else. If we short a program that defends us from a threat that was actually understated vs. China's ability, we have made ourselves susceptible.

No Evidence

[jeff4747]

There is no evidence that China's cyber-warriors can penetrate highly secure networks or covertly steal or falsify critical data,'

Because governments love to publicize when someone breaks into their highly secure networks. Every day, the spokespeople for various government agencies get to work and say to themselves, "Boy, I really wish I could announce that our networks have been hacked! That would really make my day!!". The leaders of said agencies go to sleep every night wishing that they could spend tomorrow being grilled by a legislative body over their swiss-cheese network defenses. But alas, tomorrow just brings another boring day of budget meetings.

Or just maybe they don't talk about it.

Tiger Trapped --- Not!!!

[sgt_doom]

You should read the shill, David Wise's book, Tiger Trap, where he inverts everything and when one views the situation without Wise's assumptions, it becomes evident that it supports what Sibel Edmonds said about a secret weapons-selling network within the government (not to mention that his book was rife with errors: pay close attention to pp. 101, 106, 107, and p. 88). Although it's been long obvious to many that the FBI has been completely compromised, both the Wall Street and the Chinese Ministry of St

There is plenty of proof

[strobe74]

Look at their stealth bomber and their stealth fighter.. look familiar? You might think to yourself "hmm.. their stealth bomber looks nearly identical to ours.. and hey!! so does their stealth fighter!" And they just magic'd them out of nowhere. No decades of research.. no skunk-works or area 51 for testing.. just POOF.. a few years after we come up with them and BAM.. China has nearly identical copies. Just a coincidence i'm sure.

looks like top gun! buzz the tower!!

[Joe_Dragon]

looks like top gun! buzz the tower!!

Re:

[Thruen]

Actually... This article [telegraph.co.uk] seems to suggest the Chinese aren't hacking to steal our secrets. I'd find it amusing if they were just repeatedly making silly half-hearted attempts at breaking into our systems just to throw us off the trail of the real problem: people who've lost faith in their country. Well, that and greed. Probably mostly greed. Still, not the TECHNO-warriors of China.... that does sound better.

Re:

[h4rr4r]

What stealth bomber?
Links?
As far as I can tell they don't have one, and only some internet rumors claimed they did.

Re:

[Anonymous Coward]

That's because it's invisible, duh!

Re:

[strobe74]

http://www.defenceaviation.com/2007/11/xian-h-8-chinese-stealth-bomber.html [defenceaviation.com]

Re:

[h4rr4r]

That is the BS internet rumor I was talking about. The picture is not even of a Chinese plane.

Re:

[cyfer2000]

http://www.youtube.com/watch?v=MuyrsdmTqvY [youtube.com] http://www.youtube.com/watch?v=V9rvBLxGs-8 [youtube.com] http://www.youtube.com/watch?v=WM7Tka5ir70&feature=related [youtube.com]

BTW, the first flight of YF22/YF23 was in 1990, 7 years before the birth of /., the first flight of this J20 is 2011, that's 21 years, not "a few years" as in the GP. And F117 was publicly revealed in 1988 ...

Re:There is plenty of proof

[bmo]

So you're going to fault them for taking shortcuts instead of reinventing the wheel?

That's nuts. Nobody reinvents wheels if they can get clues/technology/etc, from elsewhere. Absolutely nobody. Only idiots make stuff from scratch without referring to other technology and practices.

Come the fuck on, the industrial revolution was started in the US along the Blackstone River with "stolen" British ideas. Samuel Slater was no dummy.

What a load of crap, sir.

--
BMO

China high speed rail is a cheap copy of japan

[Joe_Dragon]

with out the safety
In the japan system there is a 45-year, nearly 7 billion-passenger history, there have been no passenger fatalities due to derailments or collisions,

China system is no where near that.

Re:

[Bucky24]

Probably because their regulatory bodies are nowhere near as complex as Japan's as far as transport ion and bullet trains.

Re:

[strobe74]

No i'm just refuting the statement that they're not hacking anything. it's clear they've been through a fair amount of the RnD info from most of our defense contractors already. If there's any blame to be handed out it's that our defense contractors don't take security as seriously as they should.

Re:

[bmo]

Yeah, I'll buy that argument.

The stereotype of American companies being shortsighted is a stereotype because it's true. It's not just defense contractors.

--
BMO

Re:

[bmo]

This is late, and I don't expect you to read it because anon cowards never do, but I am going to state for the record that calling it spying is a load of hypocrisy when people like Samuel Slater (one of many) are called heroes here in the US.

--
BMO

fool

[unity100]

the principles behind how geometric shapes deflect, refract or break the radio waves have been known since 1950s. any object made to do that, would resemble another object built to do that.

Re:

[strobe74]

This one..
http://www.defenceaviation.com/2007/11/xian-h-8-chinese-stealth-bomber.html [defenceaviation.com]

The fighter is called the J-20 which is nearly identical to the F-22

They look familiar don't you think?

Re:

[ColdWetDog]

It may look similar but it's not likely to have the fancy internals that the F-22 has. For one thing, it lacks the thrust vectoring nozzles on the engines. That is a significant component of the aircraft's capabilities. You can copy the outside by looking at a recent copy of Aviation Week. It doesn't mean you downloaded the PCBs and code.

Re:

[strobe74]

Funny how boeing and other companies are coming out with stealth vehicles that don't look *exactly* the same as the F-22. Even the boeing plane that competed against the F-22 looked nothing like it and it was stealth. I'm not sure you know what you're talking about.

http://www.retrothing.com/2009/03/boeing-f-15se-stealth-fighter.html [retrothing.com]

Doesn't like the a duplicate of the F-22 to me.

Re:

[unity100]

there is only one shape that deflects/refracts/breaks radio waves _in a way to make them less detectable_.

yes. read up. the shapes for that are defined. you need to break and deflect the waves, while also absorbing it with absorbent material. thats why b2s had visible radar image compared to f117s. mainly due to the round shape of the cockpit of b2s.

Re:

[farble1670]

i have a plastic model at home that looks like the stealth bomber as well. however, if you really press me on it, i'd have to come clean and admit it doesn't fly, it's made out of plastic, and exhibits no stealth capabilities whatsoever.

Beware teh Chinese

[sneakyimp]

Does the summary strike anyone else as a bit xenophobic? Or perhaps a bit skewed toward occidental cultures?

Re:

[poity]

How so? Because there are instances of "China" and "they"? I'm not really feeling it -- replace it with "American" or "the Americans" and you'll find thousands of instances on this site, especially in articles about the US throwing its weight around. I'm Chinese-American and I can assure you you'll have a far more interesting time analyzing the possible linguistic indicators of xenophobia in the Chinese language. For example, "foreigner" is is a common word in Chinese that most people don't give much though

Re:

[sneakyimp]

Yes I suppose it is in fact the use of "China" and "they" rather than some specific organization within China referred to as "they". If the article is about capabilities within the US or Europe, it typically refers to a specific organization of sub-group rather than the entire nation.

Interesting point about the linguistic aspects. It's funny how vague and quaint language can be compared to experience.

Re:

[pcxmac]

dang those Chinese

We're Americans, it's our job to be afraid

[Anonymous Coward]

Did we really need this paper to tell us that China's pathetic, underpaid skeleton of a software industry was no match for the NSA?

The Imperial mindset is this - if a potential rival or adversary is capable of even token resistance, then this is a major emergency and they are a threat to our entire way of life! See also, Sandanistas three days drive from Texas, the peril posed by Sioux and Mexicans, Saddam and his mushroom cloud, and of course the Yellow Peril.

I don't doubt that the Chines

Oh Noes!

[Anonymous Coward]

A few years ago, in Ramadi Iraq I got shot by a sniper (twice!). It was pretty bad, but not nearly as horrific as if a foreign nation had totally crashed my web domain and/or email server. God help me if those bastard wrecked my telnet... I probably wouldn't be here today to tell the tale.

What a relief!

[TwineLogic]

Surely if Desmond Ball says it was not the Chinese military which took over control of U.S. Weather Satellites, potentially rendering them into anti-satellite weapons, then I guess we can stop worrying about it.
I don't know who this Desmond Ball person is, but... he published a paper! Wow.
Slashdot = Disinformative

This sounds a lot like...

[bmo]

..whistling past the graveyard. It sounds a /lot/ like what US automobile manufacturers said about the Japanese in the 60s and 70s. And then the Japanese whipped Ford, Chrysler, and GM's collective asses.

Go ahead, dismiss your opponent as incompetent. Down that road lies complacency and defeat.

--
BMO

This reminds me of something...

[kikito]

Have they learned from the Japanese!

http://www.southparkstudios.com/clips/103420/japanese-charm [southparkstudios.com]

So...

[binaryhat]

Who or what entity has been hacking into major US companies if it's not China? North Korea, nope. Russia? Not their style.

Newsflash

[instagib]

Politicians and journalists from English speaking countries ALWAYS overstate the potential of national threats. And boy do they love their security theatre. The best one: The American president giving a speech abroad. Hilarious!

Re:

[Aighearach]

The American president giving a speech abroad. Hilarious!

You've got a derp on your chin, you might want to wipe that.

But...

[Krater76]

They would be unable to systematically cripple selected command and control, air defense and intelligence networks and databases of advanced adversaries, or to conduct deception operations by secretly manipulating the data in these networks.

But, could we (as in the US) do those things? Because that would be super.

Apologist much?

[FyberOptic]

What difference does it make whether the attacks are detectable? DDoS for example is detectable, but that doesn't make it any less potent of a weapon. As someone who has dealt with blocking Chinese break-in attempts for years, and at one point blacklisted IP blocks from the entire region, I can tell you that China is a scourge on the internet at best, and a damaging force against major targets at worst. There's more than enough evidence of that.

The really good hackers

[Hentes]

are the ones that don't get caught. Americans only detect the lousy attempts.

Don't need sophistication when your enemies use MS

[antifoidulus]

They don't need particularly sophisticated techniques when their favored targets insist on using that steaming pile of insecure shit known as Windows. Using Windows for anything critical is sort of like being a gazelle and bathing in meat tenderizer, you are just making it too easy and too tempting for the lion to come and eat you.

Re:

[antifoidulus]

HAHAHAHAHA, it's so adorable that you believe that Microsoft bullshit. You want to know why Microsoft servers are so rarely hacked? Because so many people got burned running Windows bullshit that very, VERY few websites actually run Windows or IIS, and thus they are not compromised. Also, the # of vulnerabilities is a bullshit metric that Microsoft likes to tout because it's the ONLY metric that makes them look good, the thing is the vast majority of Linux kernel bugs are actually escalation of privilege

Re:

[antifoidulus]

All I had to do was read the first line of your post to realize that you have 0 clue about anything, so there was no reason to even bother with the rest, you are just some MSCE who is worried because your platform is becoming irrelevant. Android uses the Linux kernel yes, but that doesn't make it some sort of "Linux variant", at least not in the same way that you seem to think it is. Unlike Windows, anyone is free to modify Linux, and the overwhelming majority of the "flaws" you point out are with things

Re:

[gmhowell]

Did you go read that article about Turbo Pascal? Isn't that the precursor to Delphi?

Cyber Gap

[Logreybaby]

Sounds kind of like the Bomber Gap [wikipedia.org].

Really, who gives a year of the rat's ass???

[sgt_doom]

I mean, since they (Corporate America) have offshored the majority of the production assets there, and the capital assets there, and along with offshoring all those jobs, they've offshored that technology many of us were involved in creating, and both the Clinton and the Bush administrations gave them free military technology (pretty much), why would anyone really care now that those scumbags and their shills want to create fear about them. They shipped them all the weaponry, let them go fight them or stew

The threat still exists

[Staticharge]

Some people tend to worry more about fires, floods, hurricanes, tornadoes, etc, than they likely need to. But they still happen, and you don't want to be the unlucky individual hit by one and be unprepared for it.

Drink with a national....

[JoeMerchant]

I got drunk with a Chinese national in college once, he started going on about how China will be great in the future the way the US is great now, maybe greater.... real national pride coming through in a way I have never seen in any American, even the NASA heads in Houston weren't that fervently patriotic.

They outnumber the US in population by more than 3-1, they have at least as many children educated to a level where they can didactically learn h4x0r 5x1llz like our kids do. And, if they give these kids

The problem is not China is the US...

[feranick]

According to Richard Clarke, a former National Security advisor, and Special Advisor to the President on cybersecurity and cyberterrorism, it's not that China has extraordinary capabilities for cyber attack. It's the US that has essentially no defense. The US is the country with the highest penetration of the Internet in infrastructure (power grid, defense contractors, etc), often run with systems not designed to be exposed to the Internet itself. There is currently no government plan to defend against any

ION, Chinese scientists continues to impress

[G3ckoG33k]

In other news, Chinese scientists-make blood from rice!

http://www.cbsnews.com/8301-504763_162-20128572-10391704/scientists-get-blood-protein-from-rice-whats-it-for/ [cbsnews.com]

"Scientists have found a way to use rice to "grow" the critical human blood protein albumin, which is used to make vaccines and to treat cirrhosis of the liver and other medical problems. "It looks like an interesting technological step forward," Dr. Richard J. Benjamin, chief medical officer for the American National Red Cross, told Fox News. "I

Ironic.

[BlackArrow]

I find it very ironic that someone posts a story about Chinese ability to hack, and it is a PDF. No way in hell I am clicking on that sucker.

To quote Sun Tzu...

[sociocapitalist]

"Appear weak when you are strong, and strong when you are weak.”

Cyber-cold war

[D3]

We have been in a "cyber" cold war with the Chinese (and others) for years. The recent theft of IP at RSA and many other companies is due to reasonably sophisticated persistent malware (advanced persistent threat in marketing terms) that can take a medium size business months to eradicate with outside professional help. Basically, there is a lot of information gathering going on and a lot of theft of things the US tries to restrict the Chinese from acquiring. To underestimate their abilities, goals, and mot

How about this

[Ramin_HAL9001]

Chinese chip manufacturers hack the VHDL source to install back-doors in all chips. The Chinese military then uses these back doors to install key-logging software on any computer controlled by these chips, then use the key-loggers to steal passwords from people who have control over very dangerous things. They then forge identities and start taking control of stuff that needs more than just a password to access.

Really, this is beyond their capabilities? A bit optimistic, aren't we?

Re:

[satuon]

So far all their attacks I've heard about were made by sending emails to employees at a company and asking them to run exe files. If that's all it takes then everyone who can speak decent English and has access to off-the-shelf Trojans is a potential Hacker.

It's not that the Chinese jump high, it's just that the bar is so low.