Mercenary Espionage and Chinese Deniability.

US Chamber of Commerce

Despite it happening at the business end of 2011, the hacking of the US Chamber of Commerce (seemingly by Chinese agents), shocking as it wasn’t in this information age, seemed as nostalgic and interesting an example as any of the diplomatic intrigue and excitement of the Cold War. In 2012 this comparison hardly needs more encouragement, as online at least and in the world of espionage, a war has been running between the US and China since the war in Kosovo. The narrative of China enacting nefarious schemes against US interests has gained mainstream acceptance in the West and vice versa in China. But just how true are the now countless, recent reports of Chinese state culpability in hacking attacks against the West, and are they indicative of conflicts to come and the PRC’s future policies?

Certainly China has a huge footprint in terms of web users (300 million netizens and rising) and is known to account for a relatively proportionate percentage of the net’s hacking activity, though little of this can be attributed to hackers with State support, let alone to the State itself. China vigorously denies all allegations of hacking and is perhaps a bigger victim of Chinese hackers than the US, but there are many very clear, recent examples of attacks on foreign nations that demonstrably are connected to China.

Recent attacks on the Chamber of Commerce, Google, the website for the Nobel Foundation, the offices of the Dalai Lama, the US’s armed drone fleet, US Meteorological satellites and other examples all have an undeniable Sino tang to them. They were certainly perpetrated either by the PRC or by pro-PRC groups with State protection or support. The evidence regarding the attack on the Chamber of Commerce, for example, points to perpetrators with an interest in the CoC officers assigned to Asian affairs, was traced back to Chinese IP addresses and resulted in the CoC network printing out error messages in Mandarin for a week. Likewise these attacks were well organised and informed, pointing at the very least to PRC coaching if not direct involvement. Similar attacks on Google and the Nobel Prize Foundation’s site can only really link, motive-wise, to the PRC, whereas the recent hacking of US satellites and the US drone fleet via infected versions of Adobe Reader could have only been achieved by China or Russia.

By now the Americans are used to what the rise of Chinese net power means for them, but they still have no real way of ensuring against it. As Mr Chavern, the CoC Chief Operating manager, said to Wall Street Journal reporters: “It’s nearly impossible to keep people out. The best thing you can do is have something that tells you when they get in.” Though they have no real defence against it, or perhaps underlining that fact, America’s relative impotence in this area sees them threatening war over it. In May of 2011 the Pentagon released a report stating that computer sabotage by another country could, in the right circumstances, constitute an act of war. None of the Pentagon’s tough ‘Cold War talk’ seems to mean anything to China though, as when it comes to aggressive acts of computer espionage, they more often than not resort to outsourcing to keep their hands clean.

Publicly, China’s go-to team for cyber-espionage matters is the ‘Blue Army’, a recently publicised elite taskforce drawn from an ‘exceptionally deep’ talent pool of civilian and military personnel. The Blue Army could probably account for most of the hacking activity attributed to the CPC, if only they didn’t spend most of their time defending China. But the CPC doesn’t need a state-run force when it can turn to civilian groups to get the job done. In an interview with a former PLA general who gives the game away with an admission of guilt, he states that China’s online strength lies in the nation’s hacking culture: “It’s just like Ping Pong. We have more people playing it, so we are good at it.” The Blue Army is, for the most part, a wholly defensive force (according to the CPC), and there is little direct evidence to question this, notably because most of the high-profile attacks from China can be attributed to three civilian hacking syndicates: the Honker Union, GhostNet and the Red Hacker Alliance.

These civilian groups, with CPC guidance, are more than capable of taking down most targets, whether that means hacking the offices of the Dalai Lama, taking down Google Asia or stealing from the lightly defended Chamber of Commerce website. Mostly these groups are made up of self-sufficient cells of hundreds and thousands of hackers who, just like any other group, go after foreign targets for money or fame. But whether these groups obtain PRC assistance, occasionally work for the PRC or are a front is irrelevant; they have tacit impunity in China. The best of the hacking community, as happens with some arrested hackers in the West, are co-opted and some are even idolised as national heroes. The difference is that the US certainly doesn’t allow their hackers a free pass for attacking foreign nations and they certainly wouldn’t hand them the reins. In China, outsourcing net attacks to these groups, whether through direct channels or not, is beneficial as a case of deniability, whereas in the West the opposite is true; it would be considered a huge liability.

Liability or not, for the meantime it does seem like it will be Chinese policy to hide behind, enable and outsource to these domestic groups, who while off the leash will launch many more (albeit sometimes clumsy) attacks on anti-PRC targets. Deniability trumps tact, but how would this strategy play out in a worst-case scenario, with one or more Chinese groups taking it upon themselves to do real damage to the US or its allies? The possible consequences make this strategy, if that is what it is, look reckless. Though it may be technically true, foreign nations will not buy claims of Chinese innocence if domestic hacker groups hiding under the grey areas of Chinese policing take it upon themselves to do something big out of turn. IT experts and governments worldwide all know about the relative freedom that some hackers operate under in China and this effectively de-fangs their effectiveness as a scapegoat. Rather than a baseless threat, this may be the point of the Pentagon’s warning in 2011: rein in the hackers, we are prepared to punish you for their behaviour.

Considering China’s vast internet security system, deniability is no defence.
