Mercenary Espionage and Chinese Deniability.

US Chamber of Commerce

Despite it happening at the business end of 2011, the hacking of the US Chamber of Commerce ( seemingly  by Chinese agents), shocking as it wasn’t in this information age, seemed as nostalgic and interesting an example as any of the diplomatic intrigue and excitement of the Cold War. In 2012 this comparison hardly needs more encouragement, as online at least and in the world of espionage, a war has been running between the US and China since the war in Kosovo. The narrative of China enacting nefarious schemes against US interests has gained mainstream acceptance in the West and vice versa in China. But just how true are the now countless, recent reports of Chinese state culpability in hacking attacks against the West, and are they indicative of conflicts to come and the PRC’s future policies?

Certainly China has a huge footprint in terms of web users (300 million netizens and rising) and is known to account for a relatively proportionate percentage of the net’s hacking activity, though little of this can be attributed to hackers with State support, let alone to the State itself. China vigorously denies all allegations of hacking and is perhaps a bigger victim of Chinese hackers than the US, but there are many very clear, recent examples of attacks on foreign nations that demonstrably are connected to China.

Recent attacks on the Chamber of Commerce, Google, the website for the Nobel Foundation, the offices of the Dalai Lama, the US’s armed drone fleet, US Meteorological satellites and other examples all have an undeniable Sino tang to them. They were certainly perpetrated either by the PRC or by pro-PRC groups with State protection or support. The evidence regarding the attack on the Chamber of Commerce, for example, points to perpetrators with an interest in the CoC officers assigned to Asian affairs, was traced back to Chinese IP addresses and resulted in the CoC network printing out error messages in Mandarin for a week. Likewise these attacks were well organised and informed, pointing at the very least to PRC coaching if not direct involvement. Similar attacks on Google and the Nobel Prize Foundation’s site can only really link; motive-wise, to the PRC, whereas the recent hacking of US satellites and the US drone fleet via infected versions of Adobe Reader could have only been achieved by China or Russia.

 By now the Americans are used to what the rise of Chinese net power means for them, but they still have no real way of ensuring against it. As Mr Chavern; the CoC Chief Operating manager said to Wall Street Journal reporters; “It’s nearly impossible to keep people out. The best thing you can do is have something that tells you when they get in”. Though they have no real defence against it, or perhaps underlining that fact, America’s relative impotence in this area sees them threatening war over it. In May of 2011 the Pentagon released a report stating that computer sabotage by another country could, in the right circumstances, constitute an act of war. None of the Pentagon’s tough ‘Cold War talk’ seems to mean anything to China though, as when it comes to aggressive acts of computer espionage, they more often than not resort to outsourcing to keep their hands clean.

Publicly China’s go-to team for Cyber-espionage matters is the ‘Blue Army’ a recently publicised elite taskforce drawn from an ‘exceptionally deep’ talent pool of civilian and military personnel. The Blue Army could probably account for most of the hacking activity attributed to the CPC, if only they didn’t spend most of their time defending China. But the CPC doesn’t need a state run force when it can turn to civilian groups to get the job done. In an interview with a former PLA general who gives the game away with an admission of guilt, he states that China’s online strength lies in the nation’s hacking culture; “It’s just like Ping Pong. We have more people playing it, so we are good at it.” The Blue Army, are for the most part a wholly defensive force (according to the CPC), and there is little direct evidence to question this, notably because most of the high profile attacks from China can been attributed to three civilian hacking syndicates: the Honker Union, GhostNet and the Red hacker Alliance.

These civililian groups, with CPC guidance, are more than capable of taking down most targets, whether that means hacking the offices of the Dalai Lama, taking down Google Asia or stealing from the lightly defended Chamber of Commerce website. Mostly these groups are made up of self-sufficient cells of hundreds and thousands of hackers who just like any other group, go after foreign targets for money or fame. But whether these groups obtain PRC assistance, occasionally work for the PRC or are a front is irrelevant, they have tacit impunity in China. The best of the hacking community, like with what happens to some arrested hackers in the West, are co-opted and some are even idolised as national heroes. The difference is that the US certainly doesn’t allow their hackers a free pass for attacking foreign nations and they certainly wouldn’t hand them the reins. In China outsourcing net attacks to these groups, whether through direct channels or not, is beneficial as a case of deniability, whereas in the West the opposite is true; it would be considered a huge liability.

Liability or not, for the meantime it does seem like it will be Chinese policy to hide behind, enable and outsource to these domestic groups, who while off the leash will launch many more (albeit sometimes clumsy) attacks on anti-PRC targets. Deniability trumps tact, but how this strategy would play out in a worst case scenario; with one or more Chinese groups taking it upon themselves to do real damage to the US or its allies?  The possible consequences make this strategy, if that is what it is, look reckless. Though it may be technically true, foreign nations will not buy claims of Chinese innocence if domestic hacker groups hiding under the grey areas of Chinese policing take it upon themselves to do something big out of turn. IT experts and governments worldwide all know about the relative freedom that some hackers operate under in China and this effectively de-fangs their effectiveness as a scapegoat. Rather than a baseless threat, this may be the point of the Pentagon’s warning in 2011; reign in the hackers, we are prepared to punish you for their behaviour.

Considering China’s vast internet security system deniability is no defence.


China’s Petulance Makes for Unhealthy Relationships

Australian Prime Minister Julia Gilllard in China

On overseas trade and diplomatic trips Chinese leaders will always make a point of publicly citing the strengths and benefits of the trade relations between itself and the host country. This relationship is often framed by talk of mutual respect and friendship from both sides, as well as the characterising of the relationship as one of fairness and balance. In these cases China is cast as being prepared to “assist in the development” of the host nation as a “partner” rather than merely an investor.

This talk of “economic friendship”, specifically regarding the West, has recently looked tenuous and has in fact come to a head, mainly regarding developments on Chinese undervaluation of the Yuan against the US dollar. Regardless of the strength of trade relationships however, overtures of sincere Chinese friendship has been shown to come with demanding preconditions, sometimes involving the internal policy decisions of ‘friendly’ nations. In the way that China commits political overreach like this, it damages its reputation as a rational state and also risks alienating moderate actors in the West; it also belittles the concept of “Chinese friendship”, consigning it to nonsense.

Kadeer and the Dalai Lama

Specifically on issues of human rights has China recently made the loudest demands of its ‘friends’. In 2009 for example, the visit of a Ms. Rebiya Kadeer, a Chinese minority rights advocate to Australia was met with condemnation and the cancellation of a high level diplomatic exchange between the two nations. The conflict intensified when Beijing tried to stop the woman from speaking at the National Press Club in Canberra at the same time as it attempted to halt the screening of a film of the Muslim woman’s life at the Melbourne film festival (whose website was later the victim of a Chinese hacking).

Similarly, Norway’s people and internal affairs have also been harangued after the Nobel Peace Prize was awarded to Liu Xiaobo; a pro democracy campaigner in 2010. Furious with the incident, Beijing demanded an apology and through their ambassador, threatened damage to trade deals and relations with the small nation. To add to the vitriol, three weeks after the awards, the Nobel Prize website was also hacked. These Chinese threats and condemnations (like those to Australia), came regardless of the fact that the government had little to do with the events as they transpired. In both of these cases China’s behaviour was condemned by many Western commentators as bullying and a blatant attempt at interference in the domestic affairs of sovereign nations.

On the issue of international visits by the Dalai Lama, China also has a long record of voicing loud indignation, interfering in the internal affairs of sovereign nations and engaging in threatening behaviour. Recently, the Archbishop of South Africa angrily attacked the ANC government for what he argued was the ceding to Chinese demands to greatly delay the visitor Visa of the Dalai Lama. In the past, China has also attempted to interfere in Australian, French and American government meetings with the Tibetan political leader and it has threatened both the US and Australia with a worsening in relations and Nicholas Sarkozy personally, with trade sanctions against his country if he met with him.

Chinese consumers protests French businesses

More subtly, China has also used its monopoly over the media to mobilise consumer sentiment against the economic interests of foreign nations who it disagrees with. Notably during the lead-up to the Beijing Olympics, the state media ran angry stories on what it saw as French complicity in pro Tibetan rallies. The resulting public outcry led to angry rallies and a damaging consumer boycott of French goods, all of which were later publicly supported by the Chinese Foreign Minister and republished for effect in the Chinese news sphere.

In 2011 this behaviour reached, what is hopefully a watershed moment in Sino-Western relations, regarding Western legislation aimed at punishing lower Chinese industry standards and Yuan currency manipulation. On these issues China hit back by blatantly threatening both the US and EU with damaging trade wars both in its press and through diplomatic channels. Specifically regarding recent legislation to combat Chinese currency undervaluation in the US and an emissions trading scheme that would tax Chinese air carriers in Europe, China has made the ultimate faux pas of friendship; openly threatening to harm ones friends.

The aggression and indignation that China deals with its ‘trade friends’ when they exercise their right to self determination or defend their citizens right’s toward freedom of speech and expression is bad PR for a nation that is already mistrusted in the West. It implies a lack of respect for important Western moral institutions and in effect asks them to take up Chinese domestic policy as their foreign policy; namely that human rights come second to state power, all Chinese dissidents are terrorists and that China’s monetary controls are fair. The Chinese media is wont to complain week in and week out about Western distrust and disrespect of China, but their behaviour belies an inability or refusal toward tactful diplomacy in their dealings with the West. This stance, which is commonly interpreted as being disrespectful, runs the risk of reinforcing hard-line political sentiment in the West to mirror China’s own; potentially resulting in more brinksmanship and conflict.