China is building its cyberwarfare capabilities and appears to be using the growing technical abilities to collect U.S. intelligence through a sophisticated and long-term computer attack campaign, according to an independent report.
Released Thursday by a congressional advisory panel, the study found cases suggesting that China’s elite hacker community has ties to the Beijing government, although there is little hard evidence.
The commission report details a cyberattack against a U.S. company several years ago that appeared to either originate in or come through China and was similar to other incidents also believed to be connected to the country.
According to the analysis, the company noticed that over several days, data from their network was being sent to multiple computers in the U.S. and overseas. While the report does not identify the company, it contends that the attackers targeted specific data, suggesting a very coordinated and sophisticated operation by people who had the expertise to use the high-tech information. An internet protocol (IP) address located in China was used at times during the episode.
Barring proof, the study by the U.S.-China Economic and Security Review Commission warns that the sort of expansive and sophisticated computer resources that have been seen in cyberattacks on the U.S. and other countries “is difficult at best without some type of state sponsorship.”
The study contends that the Chinese, long reported to be stoking a massive military build up, has also made computer warfare a priority. The Chinese government is said to view such cyberprowess as critical for victory in future conflicts — similar to the priority on offensive cyber abilities stressed by some U.S. officials.
Potential Chinese targets in the U.S., according to the report, would likely include Pentagon networks and databases to disrupt command and control communications, and possibly corrupt encrypted data. The report notes, however, that penetrating such classified systems would be time consuming and difficult.
In large part, the commission report expands on the Pentagon’s annual China military power review. The Defense study said earlier this year that China’s People’s Liberation Army has set up information warfare units to develop viruses to attack enemy computer systems and networks as well as to protect friendly systems.
The Pentagon report described computer attacks believed to have originated in China, but concluded that “it remains unclear if these intrusions were conducted by, or with the endorsement of, the PLA or other elements of the PRC (People’s Republic of China) government.”
The new report, prepared for the commission by Northrop Grumman Corp., relies largely on publicly available information from Chinese hacker web sites, technical articles and analysis of computer intrusions attributed to the Chinese.