China blocks U.S. from cyber warfare
Editor’s note: An earlier version of this story incorrectly stated the number of cyber intrusions detected by the security firm Solutionary in March. It was 128 per minute. The story also misidentified Kevin G. Coleman, a computer security specialist at Technolytics. He is a consultant to the office of the director of national intelligence. Both errors have been corrected in this version.
China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing’s networks impenetrable to U.S. military and intelligence agencies.
The secure operating system, known as Kylin, was disclosed to Congress during recent hearings that provided new details on how China's government is preparing to wage cyberwarfare with the United States.
“We are in the early stages of a cyber arms race and need to respond accordingly,” said Kevin G. Coleman, a private security specialist who advises the government on cybersecurity. He discussed Kylin during a hearing of the U.S.-China Economic and Security Review Commission on April 30.
The deployment of Kylin is significant, Mr. Coleman said, because the system has “hardened” key Chinese servers. U.S. offensive cyberwar capabilities have been focused on getting into Chinese government and military computers outfitted with less secure operating systems like those made by Microsoft Corp.
“This action also made our offensive cybercapabilities ineffective against them, given the cyberweapons were designed to be used against Linux, UNIX and Windows,” he said.
The secure operating system was disclosed as computer hackers in China - some of them sponsored by the communist government and military - are engaged in aggressive attacks against the United States, said officials and experts who disclosed new details of what was described as a growing war in cyberspace.
These experts say Beijing's military is recruiting computer hackers for its forces, including one specialist identified in congressional testimony who set up a company that was traced to attacks that penetrated Pentagon computers.
Chinese Embassy spokesman Wang Baodong declined immediate comment. But Jiang Yu, a Chinese Foreign Ministry spokesman, said April 23 that the reports of Chinese hacking into Pentagon computers were false.
“Relevant authorities of the Chinese government attach great importance to cracking down on cybercrimes,” Ms. Jiang said. “We believe it is extremely irresponsible to accuse China of being the source of attacks prior to any serious investigation.”
Mr. Coleman, a computer security specialist at Technolytics and a consultant to the office of the director of national intelligence and U.S. Strategic Command, said Chinese state or state-affiliated entities are on a wartime footing in seeking electronic information from the U.S. government, contractors and industrial computer networks.
Mr. Coleman said in an interview that China’s Kylin system was under development since 2001 and the first computers to use it are government and military servers that were converted beginning in 2007.
Additionally, Mr. Coleman said, the Chinese have developed a secure microprocessor that, unlike U.S.-made chips, is known to be hardened against external access by a hacker or automated malicious software.
“If you add a hardened microchip and a hardened operating system, that makes a really good solid platform for defending infrastructure [from external attack],” Mr. Coleman said.
U.S. operating system software, including Microsoft, used open-source and offshore code that makes it less secure and vulnerable to software “trap doors” that could allow access in wartime, he explained.
Rafal A. Rohozinski, a Canadian computer security specialist who also testified at the commission hearing, explained how he took part in a two-year investigation that uncovered a sophisticated worldwide computer attack network that appeared to be a Chinese-government-sponsored program called GhostNet, whose electronic strikes were traced to e-mails from Hainan island in the South China Sea.
GhostNet was able to completely take over targeted computers and then download documents and information. Some of the data stolen were sensitive financial and visa information on foreign government networks at overseas embassies, Mr. Rohozinski said.
Using surveillance techniques, the investigators observed GhostNet hackers stealing sensitive computer documents from embassy computers and nongovernmental organizations.
“It was a do-it-yourself signals intelligence operation,” Mr. Rohozinski said of the network, which took over about 1,200 computers in 103 nations, targeted specifically at overseas Tibetans linked to the exiled Dalai Lama.
Mr. Rohozinski, chief executive officer of the SecDev Group and an advisory board member at the Citizen Lab at the Munk Center for International Studies at the University of Toronto in Ontario, said the GhostNet operation was likely part of a much bigger cyberintelligence effort by China to silence or thwart its perceived opponents.
A third computer specialist, Alan Paller, told the Senate Committee on Homeland Security and Governmental Affairs on April 29 that China’s military in 2005 recruited Tan Dailin, a graduate student at Sichuan University, after he showed off his hacker skills at an annual contest.
Mr. Paller, a computer security specialist with the SANS Institute, said the Chinese military put the hacker through a 30-day, 16-hour-a-day workshop “where he learned to develop really high-end attacks and honed his skills.”
Mr. Paller said that a short time later, Mr. Tan “set up a little company. No one’s exactly sure where all the money came from, but it was in September 2005 when he won it. By December, he was found inside [Defense Department] computers, well inside DoD computers,” Mr. Paller said.
Additional details of Chinese cyberattacks were disclosed recently by Joel F. Brenner, the national counterintelligence executive, the nation’s most senior counterintelligence coordinator.
Mr. Brenner stated in a speech in Texas last month that cyberactivities by China and Russia are widespread and “we know how to deal with these,” including widely reported “Chinese penetrations of unclassified DoD networks.”
“Those are more sophisticated, though hardly state of the art,” he said. “Frankly, I worry more about attacks we can’t even see, which the Russians are good at. The Chinese are relentless and don’t seem to care about getting caught. And we have seen Chinese network operations inside certain of our electricity grids.”
Mr. Brenner said there are minimal concerns about a Chinese cyberattack to shut down U.S. banking networks because “they have too much money invested here.
“Our electricity grid? No, not now. But if there were a dust-up over Taiwan, these answers might be different,” he said.
Aggressive Chinese computer hacking has been known for years, but the U.S. government in the past was reluctant to detail the activities.
The CIA, for example, sponsored research in the late 1990s that sought to minimize Chinese cyberwarfare capabilities, under the idea that highlighting such activities would hype the threat.
Researcher James Mulvenon, for instance, stated during a 1998 conference that China’s People’s Liberation Army (PLA) “does not currently have a coherent [information warfare] doctrine, certainly nothing compared to U.S. doctrinal writings on the subject.”
Mr. Mulvenon stated in one report that “while PLA [information warfare] capabilities are growing, they do not match even the primitive sophistication of their underlying strategies.”
“This is a three-horse race, and it is a dead heat,” Mr. Coleman said.
The National University of China is the strategic adviser to the Chinese military on cyberwarfare and the Ministry of Science and Technology, he said.
In response, China is taking steps to protect its own computer and information networks so that it can “go on the offensive,” he said.
Mr. Coleman said one indication of the problem was identified by Solutionary, a computer security company that in March detected 128 “acts of cyberaggression” per minute tied to Internet addresses in China.
A Pentagon spokesman, Air Force Lt. Col. Eric Butterbaugh, would not comment on Chinese cyberattacks directly but said “cyberspace is a war-fighting domain, critical to military operations: We must protect it.”
“The nature of the threat is large and diverse, and includes recreational hackers, self-styled cybervigilantes, various groups with nationalistic or ideological agendas, transnational actors, and nation-states,” he said. “We have seen attempts by a variety of state and nonstate sponsored organizations to gain unauthorized access to, or otherwise degrade, DoD information systems.”
Air Force Gen. Kevin Chilton, commander of the U.S. Strategic Command, said May 7 that a joint cybercommand is needed under the Pentagon to better integrate military and civilian cybercapabilities and defenses. Gen. Chilton said he favors creating the joint command at Fort Meade, Md., where the National Security Agency is located. The command should be a subunit of Strategic Command, located at Offutt Air Force Base, Neb.
Pentagon spokesman Bryan Whitman said Mr. Gates has not decided on the subunified command to handle cyberwarfare issues and is waiting for the completion of the White House review of cyberwarfare and security issues, which is past due from the 60-day deadline imposed by Congress.
Mr. Gates “thought it would be prudent to wait for their work before looking at potential organization structures,” Mr. Whitman said in an interview.
About the Author
Bill Gertz is a national security columnist for The Washington Times and senior editor at The Washington Free Beacon (www.freebeacon.com). He has been with The Times since 1985.
He is the author of six books, four of them national best-sellers. His latest book, “The Failure Factory,” on government bureaucracy and national security, was published in September 2008.