Thanks also to Tenable for a reference to a paper on “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation”, prepared for the US Government by Northrop Grumman.
The Executive Summary claims that the Chinese:
“doctrinal focus is providing the impetus for the development of an advanced IW capability, the stated goal of which is to establish control of an adversary’s information flow and maintain dominance in the battlespace…. One of the chief strategies driving the process of informatization in the PLA is the coordinated use of CNO, electronic warfare (EW), and kinetic strikes designed to strike an enemy’s networked information systems, creating “blind spots” that various PLA forces could exploit at predetermined times or as the tactical situation warranted….The PLA is training and equipping its force to use a variety of IW tools for intelligence gathering and to establish information dominance over its adversaries during a conflict. PLA campaign doctrine identifies the early establishment of information dominance over an enemy as one of the highest operational priorities in a conflict…. The PLA is reaching out across a wide swath of Chinese civilian sector to meet the intensive personnel requirements necessary to support its burgeoning IW capabilities, incorporating people with specialized skills from commercial industry, academia, and possibly select elements of China’s hacker community. …. China is likely using its maturing computer network exploitation capability to support intelligence collection against the US Government and industry by conducting a long term, sophisticated, computer network exploitation campaign. The problem is characterized by disciplined, standardized operations, sophisticated techniques, access to high-end software development resources, a deep knowledge of the targeted networks, and an ability to sustain activities inside targeted networks, sometimes over a period of months…..
In a conflict with the US, China will likely use its CNO capabilities to attack select nodes on the military’s Non-classified Internet Protocol Router Network (NIPRNET) and unclassified DoD and civilian contractor logistics networks in the continental US (CONUS) and allied countries in the Asia-Pacific region. The stated goal in targeting these systems is to delay US deployments and impact combat effectiveness of troops already in theater.”
Marcus Ranum of Tenable comments, however, that “This is how militarists think, and it’s exactly why we need to keep their hands away from the steering wheel. I have news for all the aeron-chair commandos out there: a shooting war with China is not on anyone’s “to do” list. Not theirs, anyway. The problem with the militarist mind-set is that they create self-fulfilling threats. ……It’s the U.S. Government that made deals under the table to get access to its citizens’ phone call data, then rewrote the laws to indemnify the companies and agencies involved. It’s the U.S. Government that requires ISPs to maintain email logs and turn them over with a flimsy warrant presented in a secret court. It’s the U.S. Government that has televised congressional hearings on CSPAN, where Mudge famously claims ownership of the Internet. It’s companies in the U.S. that primarily develop tools like Core Impact and Metasploit. DEFCON is held in Las Vegas, Nevada, and always has a significant government recruiting effort. SANS teaches “pen testing” – attack techniques – with a sly wink and a nudge, saying “don’t try this at home, kids…” Get the point? We have met the enemy, and they are indistinguishable from us.”