China’s cyber capability came into sharp focus recently when a report, issued coincidentally at the start of S M Krishna’s maiden visit to China, publicised that Chinese hackers had accessed and ‘stolen’ voluminous classified information from computers in sensitive government offices in India. The report, entitled ‘Shadows in the Cloud’ issued on April 6 by the Munk School of Global Affairs of the University of Toronto jointly with other organisations, stated that a number of computers in Indian establishments had been compromised. Launched specifically to investigate the extent of penetration by Chinese hackers of computers in the Dalai Lama’s offices, researchers detected that computers in 10 Indian embassies including Afghanistan, Russia, UAE, and USA, as well as in the Indian High Commissions in Nigeria and the UK had been compromised. Sensitive establishments targeted included the National Security Council Secretariat, a couple of MES establishments, the 21 Mountain Artillery Brigade, two air force stations, the Army Institute of Technology, Pune and the Military College of Electronics and Mechanical Engineering in Secunderabad. Computers of defence-related think tanks, like the IDSA and of academics and journalists working on defence issues were also compromised.
The Munk Centre and two researchers from the University of Illinois and Cambridge respectively, had in March 2009 issued similarly disturbing reports highlighting China’s cyber espionage attempts. It revealed that 1,295 computers in 103 countries were affected; 30 per cent of the affected computers as high value targets with many belonging to foreign governments and the Dalai Lama’s offices in India, Brussels, New York and London. A NATO computer, one in the Indian embassy in Washington and computers in nine other Indian embassies in UK, US, Germany, Serbia, Cyprus, Belgium, Italy, Kuwait and Zimbabwe were identified. The infected node stretched in an arc from India, Bhutan, Bangladesh, Vietnam, Laos, Brunei, Philippines, Hong Kong and Taiwan.
All the reports identify China as the source of the cyber attacks. The latest report identifies at least one hacker as based in Chengdu, capital of China’s Sichuan province and as associated with officially-tolerated hacker organisations like NSFocus and Eviloctal. Both these have links to the People’s Liberation Army (PLA). Another hacker was linked to the University of Science and Technology in Chengdu.
All these reports reveal that India has been subjected to sustained cyber attacks. While unlike in the US there is no official quantification of cyber attacks in India, estimates are that these were quite high last year. It is evident that computers of specific officials in sensitive establishments have been targeted, suggesting that a large number of computers were surveilled before a target was determined.
The reports are particularly disturbing since China views cyberspace as the battleground of the future. The military dimension to China’s interest in cyber technology was enunciated in a quasi-official book published in 1999, by two PLA senior colonels and entitled Unrestricted Warfare. Cyber warfare is suited to asymmetric warfare as it affords stealth, speed and deniability. Today, especially in advanced nations, Internet is a critical part of the operating infrastructure of public utilities like water works and electricity grids, transportation networks, financial institutions, health services, etc. The effort to merge Internet and mobile telephone networks will increase this vulnerability. After China’s President Hu Jintao in 2007 stressed the importance of cyber capability or ‘informationisation’ of the armed forces this became an area of intensive research and capital investment.
China formulated its cyber strategy in the early 1990s. The objective was to secure and control assured supplies of scarce essential resources, acquire dominance in the manufacture of hardware, gain the lead in cyber and wireless technology, and achieve indigenous capability and sophistication in software design. China developed an overarching policy encompassing civil and military applications. It declared rare earth metals a secret national priority in the mid-1980s. These metals are irreplaceable and used in hundreds of technologies ranging from mobile phones, BlackBerrys to low-light energy bulbs, missile guidance systems, superconductors and computer hard drives. In 1997, Deng Xiaoping observed that ‘China would be for rare earth metals what the Middle East is to oil’ and within 20 years China acquired virtually monopolistic control over the supply of rare earth metals. China’s ministry of industry and information technology demonstrated this when it recently proposed a total ban on the export of certain rare earth metals and recommended limiting the export of others to 35,000 metric tonnes a year. Japan, which alone needs over 38,000 metric tonnes, has accused China of treating rare earth metal exports as a ‘21st century economic weapon’.
China’s experimentation with cyber espionage and attacks coincided with the advances made in its cyber strategy. Official US estimates in 2008 noted that Chinese hackers mainly targeted US defence computers and systems and downloaded 10-20 tetrabytes of data. Chinese hackers are assessed as downloading intellectual properties estimated at $40-50 billion each year from the US.
China’s hostile cyber activity has attracted international attention because of the dominant military component in its cyber capability. Hundreds of Chinese nationals are being trained in cyber-warfare, many in academies run by the PLA, like the ‘informationisation’ military courses offered in Wuhan University. The PLA has, since 2002, steadily augmented its cyber-capable Information Warfare (IW) militia units. The distinction between civilian and military cyber applications has been deliberately blurred, as many militia units comprise personnel from the commercial sector and academia. This has widespread implications as a number of China’s Internet and wireless technology companies, like Huawei and ZTE, are going global. International concern has predictably generated debate on the appropriate response to a cyber attacks. The US and Western nations favour a military response including precision missile strikes.
India too will have serious concerns. Estimates are that China’s cyber force has at least 50,000 hackers targeting India and the Dalai Lama’s establishment and they are based in the Xinjiang-Uyghur Autonomous Region. With India and its armed forces getting increasingly ‘wired’ enhancing cyber security must be a priority. This has to be combined with the capability to trace and disable the source of cyber attacks.
About the author:
Jayadeva Ranade is a former additional secretary in the Cabinet Secretariat, Government of India