World View: New Report Reveals Cyber Attack by China's Army

This morning's key headlines from

  • New report reveals massive cyber war attack by China's army
  • China continues war preparations
  • Revisiting Huawei and ZTE
  • China rejects Philippines arbitration application

New report reveals massive cyber war attack by China's army

The building in Shanghai housing People's Liberation Army Unit 61398
The building in Shanghai housing People's Liberation Army Unit 61398

Mandiant, an American computer security company, has issued a lengthy report that shows, beyond a reasonable doubt, that China's People's Liberation Army (PLA) is directing its "Unit 61398" to conduct a stealth world wide cyber war, particularly targeting American government and corporate organizations. Unit 61398 has possibly thousands of people, specializing in hacking into American and Canadian networks. It works in a Shanghai building guarded by PLA soldiers. Mandiant refers to the unit as APT1, and according to the report:

"Our evidence indicates that APT1 has been stealing hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006. Remarkably, we have witnessed APT1 target dozens of organizations simultaneously. Once the group establishes access to a victim’s network, they continue to access it periodically over several months or years to steal large volumes of valuable intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, emails and contact lists from victim organizations’ leadership. We believe that the extensive activity we have directly observed represents only a small fraction of the cyber espionage that APT1 has committed. ... Since 2006 we have seen APT1 relentlessly expand its access to new victims."

Once APT1 gains control of someone's network, it retains control in stealth mode and downloads all the data in the network. In one case, APT1 accessed a network for four years and ten months. In another case, APT1 downloaded 6.5 terabytes of information in ten months. According to the report:

"Our research and observations indicate that the Communist Party of China is tasking the Chinese People’s Liberation Army to commit systematic cyber espionage and data theft against organizations around the world."

There have been dozens of publicly known Chinese hacker attacks on American companies, including recent ones on the New York Times and the Wall Street Journal, and probably tens of thousands more that are unknown or haven't been publicized. Whenever one is made public, the Chinese angrily deny it, and demand proof. Thanks to the Mandiant report, we now have proof.

The White House has responded by threatening to "strike back" through fines, penalties and other trade restrications, but this appears to be a fantasy to me. Telegraph (London) and AP

China continues war preparations

It's worth taking a moment to review previous statements and actions by China, as it prepares for war:

  • Last month, China directed the PLA to 'Get Ready for War.' One senior PLA officer is advocating a strategy of "Kill a chicken to scare the monkeys." This means that China would win a short, decisive war with Vietnam, the Philippines or Japan. Everyone else would do as China demands, and the Americans would "run like rabbits."
  • China's military budget has been increasing exponentially for years, and now China's military is deploying a large number of new warships, tanks, missiles, submarines and strike aircraft, much of it in preparation for full-scale war with the United States. These weapons include hundreds (and perhaps thousands) of mobile, nuclear ballistic missiles targeting American cities, and newly developed missiles capable of striking and disabling American aircraft carriers. For the first time in its modern history, China has the firepower to contest control of disputed territory far from its coastal waters.
  • China is demanding sovereign control of the entire South China Sea, including islands and regions that have historically belonged to other nations. In November, China announced that it would be moving additional warships into the South China Sea, and that, starting some time in 2013, China's police would board and take control of any ship entering whatever it claims it owns.
  • China has declared economic war on Japan in order to gain control of the Senkaku/Diaoyu islands controlled by Japan. Chinese citizens have smashes Japanese cars and factories in China to force Japan to give up its historic control of these islands.
  • China has implemented massive military buildups in Tibet, in preparation for war with India.
Now we have the Mandiant report that proves that China has been conducting cyber warfare against the United States for years.

Revisiting Huawei and ZTE

Last year, House Intelligence Committee warned American companies against doing business with Chinese companies Huawei (pronounced WAH way) and ZTE. (See "14-Oct-12 World View -- Huawei scandal exposes potential 'Cyberwar Pearl Harbor' from China") The reason is computer chips supplied by these vendors appear likely to contain "back door" capabilities that would permit the Chinese to take control of any computer or router in which their chips were installed.

Since then, I've seen a number of young people ridicule these concerns. One British politician said that all these chips have been thoroughly tested, and so a "back door" is impossible. Some Chinese officials have sworn that there are no back doors. So I'd like to respond to these comments.

In the past, I've developed software for embedded systems down to the bare hardware level. At that level, you're dealing with chips that are completely opaque, except for a set of specifications that say, "If you send the chip the command 'x', then it will do 'y'". So anyone who tests the chip will simply verify that it works correctly according to the specifications. You have no visibility into how the chip executes that command. In particular, if "x" is some 512-bit code, known only to the chip designers, that makes the chip do something that's not in the specifications, then no test can determine that fact. Those codes would be known only to the chip designers, and not to even other Chinese workers and managers working on related projects that use the chips. So if the PLA ordered a chip maker to add a backdoor to a chip, it could not be found by testing, and no one else would know about it.

Now, since the PLA COULD have done this, we can conclude that they MUST have done this, because they're preparing for war in every other way, and would not give up the opportunity to prepare for war in this way.

Huawei and ZTE are among the biggest chip producers in the world, with large shares of the market in almost every country. There's a good chance that your computer has one of these chips, and that my computer has one of these chips. The same is true of utilities and manufacturing organizations around the world.

China rejects Philippines arbitration application

Earlier this year, the Philippines applied to the United Nations International Tribunal on the Law of the Sea (ITLOS) to settle the dispute over the Scarborough Shoal, a Philippines island that China is claiming. (See "24-Jan-13 World View -- Furious Chinese spokesman blasts Philippines for seeking arbitration")

On Tuesday, China officially rejected arbitration:

"Chinese Ambassador to the Philippines Ma Keqing had an appointment with officials from the Philippines' Foreign Ministry on Tuesday and returned a note and related notice after expressing China's rejection. The note and related notice not only violate the consensus enshrined in the Declaration on the Conduct of Parties in the South China Sea, but are also factually flawed and contain false accusations."

The Philippines Department of Foreign Affairs responded as follows:

"This excessive claim is the core issue of the Philippines’ arbitration case against China. The Department stresses that China’s action will not interfere with the process of Arbitration initiated by the Philippines on 22 January 2013. The Arbitration will proceed under Annex VII of UNCLOS and the 5-member arbitration panel will be formed with or without China."

Xinhua and Mindanao Examiner

Permanent web link to this article
Receive daily World View columns by e-mail


Breitbart Video Picks



Fox News National



Send A Tip

From Our Partners