Jul 04 2009

Understanding China’s cyber threat perception

Published by at 12:16 pm under Uncategorized

Nations develop defense capabilities and weapon systems based on threat perception.  While it is  extremely difficult to predict future war, it is something each country must take seriously.  You don’t spend all of your military budget on coastal defense if estimates show it is more likely you will engage in land warfare.  If military decision-makers predict that future combat will center around non-contact war, using drones, cyber attacks and space-based weaponry, you focus your energy and resources on those areas.

China has openly announced that they are moving toward an “informationized” force and it is one of their top priorities.  While we do not have to agree with their rational, it is imperative that we understand it.

The following article from tech.qq.com outlines many of those reasons.  It is a rather long piece so this will be a gist of the major points mentioned:

Unmasking the true intentions behind the repeated US “Chinese hacker threat” hype

The US media has always portrayed the Chinese hacker as omnipotent, capable of easily breaking through the White House and Pentagon network security systems to steal classified information.  On 23 June,  after US Secretary of Defense Gates announced the creation of a Cyber Warfare Operations Center, the true intentions behind the constant US “Chinese hacker threat” hype became immediately obvious to the outside world.   In fact, there are even more unknown plans underneath this, exaggerating the “Chinese hackers threat” is only one plot in a series of ploys by the  US to strengthen its network capabilities.  In truth, the establishment of the Cyber Warfare Operations Center is not the  first US attempt to expand its network capabilities.   Even before the worldwide  popularity of the internet, the US had already created a “cyber army” and carried out the practice of “cyber war.”   (US) Experts stated, they wanted the same unrivaled domination in “freedom of movement”  as the US military enjoyed on the land, sea, air and space.  The US would reject any restriction in the cyber domain in order to ensure their dominant position.

“Chinese hackers” used as the customary US pretext

Follow US media reports and you will discover that “China’s hackers” have hacked into almost all of the most important governmental websites to include the White House, Pentagon, Federal Bureau of Investigation, the Central Intelligence Agency and the United States Congress.   Chinese hackers not only engage in such low-level network attacks as website defacements, they are also capable of carrying out such operations as  paralyzing the US power grid and stealing top-secret information on the F-35 Joint Strike Force Fighter.  It appears that in US public opinion, Chinese hackers have everything in the bag, they can penetrate US networks as if no one is manning the borders.

In regards to the US media’s “Chinese hackers threat” hype, certain US politicians and officials have also chosen to echo this position.  On April 21st of this year, the US “Wall Street Journal” reported that Chinese hackers had stolen data on the F-35 fighter aircraft, in spite of the fact that Lockheed Martin, the prime defense contractor, denied that the information had been leaked.  However,  US Defense Department spokesman Brian Whitman said, “that the specific details were unclear,” leaving it to the world’s imagination.  Subsequently, US Secretary of Defense Robert Gates, in an exclusive interview with CBS, expressed concerns over the daily attacks on US networks and said that the Pentagon had no choice but to carry out a four-fold increase in the national cyber defense mission.

As another aspect of this, from time to time, the US military will take the initiative and make releases to the press in order to further their next policy campaign.  On 15 May, US Deputy Defense Secretary Lynn said to the press that over 100 foreign intelligence organizations had tried to infiltrate the US network and that China and Russia had the ability to attack through the network and damage US infrastructure.  In addition, two weeks later, US President Obama would appoint a “Cyber Czar” to head the cyber security office and command national cyber security forces.

In a recent interview with a Global Times reporter, Chinese military expert Song Xiaojun said that for many years the US has exaggerated the  foreign network threat and that this was actually a methodical means to  establish a Cyber Warfare Operations Center.  Fang Binxing, a scholar at the Chinese Academy of Engineering and president of the Beijing University of Posts and Telecommunications, also said that the US was basically using “Chinese hacker” attacks as an excuse to create a Cyber Warfare Operations Center. According to Fang Binxing’s explanation, with regard to offensive and defensive network warfare capabilities, the US has absolute superiority from traditional space, to outer space and cyber space.

Seizing the commanding heights of cyber warfare in order to strengthen cyber attack capability

Just as the experts said, exaggerating the so-called “Chinese hacker threat” is the US “justification” for strengthening their cyber attack capability.  In fact, the historical development of the US’ cyber attack capability would far surpass the world’s imagination.  Even before the term”Chinese hacker” appeared, the US had used cyber attack in actual combat.  During the 1991 Gulf War, the US used the intelligence system to place a computer virus in the Iraqi air-defense system that Iraq had purchased from France.  Prior to the start of US air raids, remote-control means were used to activate the virus, that led to the paralysis of the Iraqi air-defense system at the time the US Air Force flew over Baghdad.

In regards to “cyber warfare”, the US military has clearly passed the stage of theoretical study.  For the first time in 1993, two scholars from the US RAND Corporation put forward the concept of “cyber warfare.”  These two scholars defined in theory what constitutes “cyber war” and also systematically described how to use cyber warfare to disrupt and destroy the enemy’s  information and communication  systems while at the same time preventing the enemy from obtaining yours.

The theoretical conclusions of US scholars have also promoted the advance and development of US cyber attack capability.  During the Kosovo War in 1999, as well as the 2003 war in Iraq, people could clearly witness the shadow of cyber warfare.  According to US military defense expert Harding’s long-term tracking evaluation of U.S. military hacker projects, the US currently has a total of 3-5000 cyber wafare specialist and 50-70,000 soldiers involved in cyber warfare.  If you add in former electronic-warfare personnel, the total number of US cyber forces comes to around 88,700.   Moreover, Commander Chilton of the US Strategic Command Center recently revealed that the US is in the process of recruiting 2-4,000 soldiers in order to form a “cyber special forces.”

It is especially worth noting the drastic reduction in the Obama administration’s missile defense system and F-22 aircraft procurement costs while at the same time increasing cyber security investment and pushing the acceleration of cyber warfare construction.  The establishment of the Cyber Warfare Command, is merely a method for the US military to integrate relevant departments and units involved in cyber attack capabilities, thereby raising it as a force multiplier.  An analyst from the UK ” Guardian” said that this was a way for the US  to integrate high-tech military units scattered all around the country, in order to launch a cyber warfare against hostile nations if it becomes necessary.

In the view of military experts, there is an even greater significance to the US creation of a cyber command, that it signals humans are entering into a historically new form of war.  A Chinese military expert, speaking on the condition of anonymity,  told a “Global Times” reporter that the US establishment of the Cyber Warfare Command signified an inevitably increase in funds and personnel that will be thrown into the domain of cyber warfare.  From a larger perspective, the US establishment of a Cyber Warfare Command signified that from now on, it was possible cyber warfare was a new type of national-warfare that had entered human history.  From here on out, if the US comes under cyber attack, it could delcare it an act of war and carry out a counterattack.

Reject any restrictions to ensure superiority

(Two paragraphs not translated: The first repeats the US freedom of movement with a blurb on SecDef Roberts Gates’ memo that Cyber Command will help ensure US freedom of movement in cyber space.  The second paragraph talks about US unwillingness to have restrictions placed on its freedom of movement and a statement by a US State Dept person claiming the US could not sign an international agreement on cyber security.)

A Chinese military expert told the “Global Times” that in terms of traditional military and nuclear strike capability, the US, the world’s top-ranked military power, had almost complete control over the four domains of land, sea, air, and space.  Creating a “cyber army” was the US military’s strategic initiative to extend its superiority into the 5th realm of the virtual world.  As the birthplace of the internet, the US clearly has a real-world advantage.   One can imagine that the US will not have much interest in cyber arms control and that it will continue to use the feeling of insecurity from other countries to ensure their “freedom of movement.”

11 responses so far

11 Responses to “Understanding China’s cyber threat perception”

  1. Jupiteron 05 Jul 2009 at 8:26 pm

    I’ll buy that the ‘Chinese hacker’ threat is largely inflated, but I find it difficult to believe that the US made a careful and deliberate effort to inflate this threat solely to justify some bureaucractic reshuffling of military forces and the creation of this week’s “buzzword”-czar.

    There has been a growing clamor about the importance of cybersecurity over the years, and for the longest time, US policy makers were content to ignore it. Hard to take a tubby teenager with cheeto stains on his Serenity t-shirt seriously as a national security threat, right? But then the Russians started cyberwarring on poor Estonia and Georgia, and then scary looking Chinese addresses started popping up in IP logs, and what do you know– cyber warfare is turning out to be the way of the world, and our trusty ol’ government is actually turning its cogs to meet a threat *before* letting it manifest as a devastating surprise attack, rather than after. Makes for an interesting change of pace.

  2. Heikeon 06 Jul 2009 at 4:06 am


    I think that 1991 shook the Chinese to their core and they suddenly realized they had to build a modern fighting force. Precision-guided weapons and a digitized force woke them up.

    They also realized that matching the US tank for tank, plane for plane, and ship for ship was not going to work. They saw how well that worked out for the old Soviet Union and decided they weren’t gong to have any part of that game.

    Non-contact war provides the Chinese with what they refer to as leap-frog technology. The chance to compete with the US on a level, somewhat cheap playing field.

    As I tried to point out, we don’t have to agree with their reasoning but we do need to understand it in order to see why they are moving.

  3. hogflyon 06 Jul 2009 at 10:53 am

    I had a friend involved in ’91 that talked a bit about what they did to Iraqi comms during the war and it pretty much involved what was discussed above though there were some differences in his story, more or less involving the manual hacking of routers.

    The ‘chinese threat’ is very real and growing despite their attempts to downplay their capabilities at every turn. The truth of it is that very few people know their actual strength and those people will not talk about it.

  4. Jupiteron 07 Jul 2009 at 2:01 am

    Of course, don’t get me wrong– I agree with that part entirely and found the article extremely insightful in that regard. You could say that 1991 was to Chinese perceptions on force modernization and information warfare as 1996 was to Chinese perceptions on the importance of naval deterrence/power projection capabilities.

    The only portion I considered disputable were suggestions that the US was deliberately inflating the threat to justify the creation of its own cyberwarfare capabilities. It seems as if the US has been edging in that direction for years now, long before the recent rash of Chinese hacker news stories, and I found the suggestion of a correlation between the two to be a little flimsy.

    Other than that, this article hit several nails on their respective heads!

  5. Heikeon 07 Jul 2009 at 3:45 am

    Yeah, China has this habit of trying to fight below its weight class. I think it sprang from Deng Xiaoping’s famous quote, “hide your capability and bide your time.” Or something like that.

    It rings rather hollow and works against them in my opinion. However, I have heard some interesting theories about Chinese methods of deterrence that could explain it. Very different from the US use of transparency.

  6. nealon 07 Jul 2009 at 6:54 am


    Is there an English translation of the linked website? What Chinese periodical/journal did it come from?

  7. Heikeon 07 Jul 2009 at 8:02 am


    The only English translation I’m aware of is the one I provided. It is actually a bit more than just a gist translation, got carried away. The only parts I didn’t translate pretty much verbatim were the last couple of paragraphs.

    The original link is: http://tech.qq.com/a/20090703/000154.htm but, as is common with Chinese articles, it is hard to tell the original publication. They don’t seem to be too concerned about citing their sources. However, if you look at the pictures associated associated with the article, it looks like it may have been taken it from Xinhua.

  8. nealon 08 Jul 2009 at 4:28 am

    Thanks HEike, you do great work! Much obliged.

  9. Heikeon 08 Jul 2009 at 5:17 am


    No problem. If our readers are happy, we are happy.

  10. CBRP1R8on 13 Jul 2009 at 11:01 am

    Good article, I was there doing “stuff” in 91….been going on a lot longer then most anyone outside of the community would know….then the project headed up by NSA in their Global IT Project, which grew exponentially in 93-94, to bring in all the military branches under the same thumb. Threat projection has always been more about your own side then their side anyways, what better way to fund your own forces then create threat where there is none and sell it.

  11. Heikeon 13 Jul 2009 at 2:56 pm

    “Threat projection has always been more about your own side then their side anyways, what better way to fund your own forces then create threat where there is none and sell it.”

    Grains of truth. :)