/ 6 September 2007

China denies cyber-spying charges

From the German chancellery to the Pentagon, government computer networks have been targeted by cyber spies that media reports say were directed by China’s military.

China denies backing such attacks, and foreign governments have declined to openly accuse Beijing. Yet, after the spectacular test of a Chinese anti-satellite weapon this year, the reports are shining a new light on China’s pursuit of ways to confront a stronger foe with unconventional strategies.

The reported Pentagon attack was the ”most flagrant and brazen to date”, said Alex Neill, an expert on the Chinese military at London’s Royal United Services Institute. Neill, quoted by the Guardian on Wednesday, said such attacks began at least four years ago.

Critics say motives range from the stealing of secrets or confidential technology, to probing for system weaknesses and placing hidden viruses that could be activated in a conflict.

Experts say responsibility is not conclusive, pointing out that China is home to many insecure computers and networks that hackers in other countries could use to disguise their locations and launch attacks.

However, Chinese military thinkers have long debated such strategies as part of ”asymmetric warfare” — the use of attacks on satellites, financial systems and computer networks to strike at a stronger conventional foe.

”In the information age, the influence exerted by a nuclear bomb is perhaps less than the influence exerted by a hacker,” a pair of Chinese colonels wrote in a key 1999 work on asymmetrical strategies titled Unlimited Warfare.

The June cyber attack on the Pentagon forced officials to take down an email system in the office of Defence Secretary Robert Gates for more than a week, according to a report on Monday in the Financial Times that quoted unidentified officials. It said the officials identified the People’s Liberation Army as being behind the attack.

The Defence Department confirmed on Tuesday that the attack occurred, but it wouldn’t identify the country from which it originated.

”It is often difficult to pinpoint the true origin of an intrusion into computer systems and even more difficult to tie the intrusion to a specific nation or government,” Pentagon spokesperson Bryan Whitman said.

China denied being behind the attack, saying that the allegations were ”groundless” and that it opposes cyber crime.

The report marked the third time in two weeks that China’s military was accused of hacking into the computers of foreign governments.

The Guardian earlier said Chinese attackers launched online assaults on the network at Britain’s Parliament, the Foreign Office and Defence Ministry. Citing unidentified government officials, the newspaper said some of the hackers were believed to be from the Chinese military, although the British government refused to comment on the claim.

Last month, the German weekly Der Spiegel said computers at the chancellery and three ministries had been infected with so-called Trojan horse programs, which allow an attacker to spy on information in a computer.

The report, which appeared on the eve of German Chancellor Angela Merkel’s visit to Beijing, said Germany’s domestic intelligence agency believed hackers associated with the Chinese army might have been behind the attack.

China also called those accusations groundless, and Chinese experts stood by the government’s claims.

”My government has already designated them as fabricated. I can’t understand why these foreign media would want to harm their reputations on such a serious issue,” said Shen Dingli, director of the Institute of American Studies at Fudan University in Shanghai.

Warning

The January anti-satellite test, in which a Chinese missile blew apart a defunct Chinese weather satellite, was seen as a warning to the United States, whose military is heavily dependent on its eyes in the sky to monitor and coordinate military action.

China did not announce the test and delayed confirming it afterward, leading to speculation that political leaders might not have been fully informed in advance.

Whether or not cyber attacks are officially approved, China has become a growing focus of global anti-hacking efforts, partly due to the size of the country’s internet user population, now estimated at 140-million.

In a report earlier this year, security software maker Symantec listed China as having the world’s second largest amount of malicious computer activity, after the United States.

”The country is one of the most recognised international black-hat nations,” it said, using the industry’s term for destructive or criminal hacking.

Experts say attacks originating in China often employ standard weaponry such as Trojan horses and worms, but in more sophisticated ways. In some cases, hackers slip in after launching viruses to distract monitors, or coordinate multiple attacks for maximum effect.

Officers at the Norfolk, Virginia.-based Naval Network Warfare Command told reporters earlier this year that attacks coming from China far exceeded those from elsewhere in ”volume, proficiency and sophistication”, according to Federal Computer Week, a technology trade publication.

The deliberateness and thoroughness of the attacks led officials to believe they must be government supported, an officer said. ‒ Sapa-AP