The sheer volume of Chinese cyberespionage directed against the United States, together with its increasing sophistication, "make China the most threatening actor in cyberspace," concludes a new government report released Wednesday.
While it is still unknown who in China, specifically, is doing the hacking, technical gains are helping trackers trace cyberespionage "campaigns" back to the country. Among the culprits, according to the annual report to Congress of the US-China Economic and Security Review Commission:
- The People's Liberation Army.
- Informal "cyber warfare militia" composed of workers with high-tech day jobs that focus on military communications, electronic warfare, and computer network operations.
- Three intelligence and security service ministries.
- Patriotic hackers conducting espionage out of nationalist fervor.
- Criminal hackers conducting industrial espionage for private, state-owned, or government clients.
- Big IT companies and telecommunications firms.
"China’s cyber capabilities provide Beijing with an increasingly potent tool to achieve national objectives," the congressional report states. "In a strategic framework that leans heavily on cyber espionage, a diverse set of Chinese hackers use pilfered information to advance political, economic, and security objectives."
The report cites China’s new J-20 stealth fighter jet as an example. Photos of the J-20 show similarities with the Lockheed Martin F-22. The photos revived “concerns that human, cyber, or other forms of espionage may have played a role in the J-20’s development,” the report says.
The report also notes other examples of “malicious Chinese cyber activity” in 2012, including successful attacks on NASA networks and spear phishing e-mails targeting the White House Military Office, which assists in presidential communications and travel.
Chinese hackers have long appeared less sophisticated than those in Russia. But there are signs that is changing. In January, a China-based attack targeted the "secure authentication" system of the Defense Department's Common Access Card standard, one of the Pentagon's most secure systems.
Moreover, Chinese hackers reportedly used thumb drives and compact discs to infiltrate computers belonging to India's Eastern Naval Command, which had no connection to the Internet. Infiltrating weapons systems, including missiles, aircraft, ships, and ground systems is a Chinese focus, US military officials testified this year.
Citing a study by Akamai Technologies, the congressional report suggests that 16 percent of Internet attacks worldwide originate in China – making it the world’s top offender. Another cited study, by a service provider named CloudFlare, notes that global Internet attacks declined by more than half on Oct. 1, 2011 – China’s national holiday.
Chinese embassy officials in Washington routinely deny responsibility for cyberespionage against US targets.
"China's rapid development and prosperity are attributed to its sound national development strategy and the Chinese people's hard work, as well as China's ever enhanced economic and trade cooperation with other countries that benefits all," a spokesman for the Chinese Embassy wrote in an e-mail responding to a government report last year on cyberspying. "Willfully making unwarranted accusations against China is irresponsible, and we are against such demonization efforts as firmly as our opposition to any forms of unlawful cyberspace activities."
Curiously, cybertheft could hurt China’s economic and military prospects in the long run, some suggest.
"China’s national strategy to acquire technology illicitly from Western companies handicaps its own development," James Lewis, a cybersecurity expert at the Center for Strategic and International Studies wrote in a recent issue of Foreign Affairs magazine. "Beijing’s economic plans have for decades emphasized the need to build indigenous high-tech industries and reduce dependence on foreign producers. Pilfering Western technology is a crutch that keeps China from moving up the ‘value chain’ and becoming a nation of innovators."
The US is working to develop a response to the threat it sees in China. In 2010, US Cyber Command became fully operational within the Defense Department. Beyond that, the White House reportedly issued on Wednesday a secret policy document that outlines what actions the US military can take against cyberattacks.
In a world where the line between cyberespionage and a cyberattack on a computer network can be exceedingly fine, the directive points to the dangers of an escalating cyberwar. Indeed, the congressional report says China's cyberespionage has also alienated Japan and some European countries, in part spurring them to embark on a cyberweapons race the report calls "destabilizing."
"We're all continuing to build our military forces while at the same time making all these semi-threats to each others," says John Bumgarner, research director for the US Cyber Consequences Unit, a nonprofit security think tank that advises government and industry. "We're all economic partners, but we're all on this cyberespionage path where people are routinely breaking in to steal the latest and greatest fighter plane plans. At some point, it may cross the line and become an act of war. In the cyber world, that line is a very blurred line. It's a path we need to get off."