Jul.22 (China Military News cited from guardian.co.uk) — The People’s Liberation Army has unveiled its first department dedicated to tackling cyber war threats and protecting information security, Chinese media reported today.

The move comes just over a year after the United States created a cyber command.

The PLA Daily said the military announced the creation of the Information Security Base on Monday, giving few more details in its brief report.

But an officer in the General Staff headquarters, which directly oversees the new department, told the Global Times: “It is a ‘defensive’ base for information security, not an offensive headquarters for cyber war.”

He said the base would be used to gather online information and “build up walls” to safeguard confidential military information.

Ni Lexiong, a Shanghai-based military analyst, told the South China Morning Post: “The USCYBERCOM aims at coping with hacker attacks as well as other cyber attacks, which means the internet will become another key battlefield in tomorrow’s world.

“It’s a very important message to the PLA because the army did not have a united and centralised management system to command its information technology centres in different forces.”

Christian Le Miere, senior Asia analyst for Jane’s Country Risk, said: “Every major military has to be concerned about cyberwar.

“There was maybe some form of taboo [about setting up a dedicated centre], but as soon as the US does it, everyone says ‘we can have one too’.”

Le Miere said such security issues had gained attention after Estonia suffered cyberattacks which some blamed on Russia and Chinese faced allegations of state complicity in attacks on US sites.

“It is seen as an increasingly useful arena for competition and quasi-military espionage,” he said.

A recent report warned that Nato was increasingly vulnerable to cyberwarfare and US deputy defence secretary William Lynn said in a speech last year: “We know … that both Russia and China have the capability to disrupt elements of other nations’ information infrastructure.”

Discussing attacks on American governmental, military and private networks, he said the Pentagon had traced some back to China but “[could] not attribute whether it’s a private, public, whether it’s military, intelligence, industry or criminal.”

But China also feels vulnerable. Earlier this year, Professor Fang Binxing, president of the Beijing University of Posts and Telecommunications, said the US was “without question the world’s foremost power in cyber-based attacks and defence”, amd that Chinese capabilities remained very backward.

An official with the National Computer Network Emergency Response Team accused foreign countries of “rumour mongering and overstating the cyber threat from Chinese hackers … covering up their political purpose of building up a cyber army”.

Officials have denied any state involvement in hacking and said China is one of the biggest victims.

The Chinese military recently banned its soldiers from blogging or setting up their own websites – even when on leave – with Wan Long, the political commissar of a regiment telling the PLA Daily: “The internet is complicated and we should guard against online traps.”

June.03 (China Military News cited from Economic Times) — The US’ announcement to set up a Cyber Command (CYBERCOM), which is aimed at gaining military supremacy in cyber space, might trigger a new arms race, Chinese strategic analysts have warned.

“It has already had the lead in conventional military and nuclear forces. Now it is expanding this advantage to be the leading force in new fields, such as electromagnetic space and outer space,” state-run China Daily quoted Peng Guangqian, a Beijing-based strategist, as saying.

US Secretary of Defence Robert Gates, recently, announced the establishment of the world’s first comprehensive, multi-service military cyber operation, called CYBERCOM, which could provide US forces a lead in new emerging strategic fields like space and outer space.

The announcement came only a few days after President Barack Obama laid out his National Security Strategy, stressing for the first time in such a document the importance of cyber security as one of the core national security interests, he said.

China’s “Tianhe” supercomputer, China has been invest great resources in IT technologies since 21st century

Meng Xiangqing, a professor with the National Defence University said there is a very thin line between a defencive and an offencive act when it comes to cyber space.

“CYBERCOM ranks high in the US military, reporting directly to the US Strategic Command, and the US is the most advanced state in cyber technology. This absolute advantage may trigger a new type of arms race,” Meng said.

Despite the US insisting CYBERCOM is mainly defencive, Meng said it “has raised a new challenge for China, and that is how to guard our national cyber security.”

States other than the US have already been planning mechanisms to guard national cyber security, including the UK, France, Russia, South Korea and Israel, which already has a military cyber force.

Song Xiaojun, a Beijing-based military strategist, said even if other countries join in the cyber arms race, they are not capable of competing with the US since it possesses the core technologies of the Internet and of all 13 Internet root servers in the world, 10 are in the US, including the only one main root server.

The newspaper also reported the comments of US Deputy Defence Secretary William J Lynn III that the potential enemy that CYBERCOM will fight has not yet been clearly identified.

“I think we need to be prepared for the unexpected. In fact, over the past several years we have experienced damaging penetrations,” Lynn had said apparently referring alleged attempts by Chinese hackers to break into sensitive defence sites.

April.05 (China Military News cited from Xinhua) — China’s Central Military Commission has issued a set of guidelines aimed at developing a comprehensive system upgrading military information security, a statement from the commission said Monday.

Approved by Hu Jintao, Chairman of the Central Military Commission, the Guidelines on Enhancing Military Information Security under New Situations set out an overall arrangement to advance military information security work by “tackling critical issues” facing China’s armed forces.

Improvement of military information security is a requirement for the modernization of China’s national defense and military buildup, said the guidelines.

The document stressed the importance of enhancing organizational bodies, working mechanisms, specialized personnel and technical safety to realize improved information security in the ranks. It gave priority to network security and electromagnetic safety as two major working areas, among others.

Military officers and solders should receive proper education to get prepared for military information security against the new backdrop, said the guidelines.

Mar.29 (China Military News cited from computerworld.com and written by Patrick Thibodeau) — On the same day that Google Inc. and the GoDaddy Group Inc. complained about China to a congressional committee, U.S. Navy Admiral Robert Willard appeared before the U.S. House Armed Services Committee with an even stronger warning about cyber-threats posed by China.

Willard’s comments about China received little press attention but were stronger than anything said by either company.

“U.S. military and government networks and computer systems continue to be the target of intrusions that appear to have originated from within the PRC (People’s Republic of China),” said Willard.

He said that most of the intrusions are focused on acquiring data “but the skills being demonstrated would also apply to network attacks.”

Willard testified on the military’s operations in its Pacific command, which he said “faces increasingly active and sophisticated threats to our information and computer infrastructure.”

“These threats challenge our ability to operate freely in the cyber commons, which in turn challenges our ability to conduct operations during peacetime and in times of crisis,” Willard said in prepared remarks (PDF document). He said the military was responding in near real-time to threats.

It’s not just the military saying that the cyber-threats coming from China are on the rise. Appearing before the Congressional-Executive Commission on China Thursday, Christine Jones, an executive vice president and general counsel at domain registration giant GoDaddy, said that “in the first three months of this year, we have repelled dozens of extremely serious DDoS attacks that appear to have originated in China.”

Although GoDaddy and Google cited China as a source of cyber-attacks, they didn’t blame the government. But these firms are taking action to limit their dealings with China because of other government policies concerning privacy and censorship.

But will the experiences of GoDaddy, Google and for that matter, the U.S. military, prompt other companies to act similarly and take steps to limit their business in China?

Robert Vambery, a professor of international business at Pace University’s Lubin School of Business in New York, said this kind of behavior has been going on for a while and it’s naive not to expect it. While he sees the possibility of action by Google and other firms having some short- to intermediate-term impacts on other businesses in their dealings with China, they won’t be major, he said.

“Unless there is some serious military encounter between China and the United States, then this is not likely to change significantly in the near future,” Vambery said.

University of Notre Dame professor John D’Arcy, who conducts research on information security and computer ethics, says Google decisions puts a little pressure on China, and said if U.S. firms feel any pause at all in dealing with that country, it is because more and more cyber attacks are being linked back to China.

“Companies would be a little bit suspicious because in general the Chinese government has not done anything to curb this activity,” he said.

But China’s importance to U.S. firms is huge, and Dell Inc. is only the most recent company to illustrate why.

There was a brief eye-opening moment this week when it appeared as if the Google’s exodus from China was about to escalate in a big way.

India’s Prime Minister, Manmohan Singh, was reported to have said in speech that Dell was planning to shift some production out of China because it wanted safer environment. CEO Michael Dell had recently met with Singh.

The statement came from account distributed by the India Press Information Bureau, according to various press reports. But David Frink, a Dell spokesman said in an interview, that was a “misinterpretation of his remarks.”

Dell has 5,000 employees in China and two manufacturing facilities. In a statement released by Dell, the company said in that in its meeting with Singh, they discussed “ways of building India’s hardware manufacturing eco-system.”

In this context, Mr. Dell said that the company spends about $25 billion annually on sourcing components from its suppliers in China. With the right kind of progress, Mr. Dell said that he believes India also has an “opportunity to become a hardware manufacturing hub, generating employment and adding to that country’s impressive growth.”

Jan.20 (China Military News cited from Computerworld and written by Jaikumar Vijayan) — The targeted cyberattacks apparently originating in China that hit Google and more than 30 other companies late last year are now targeting some U.S. defense contractors, according to security vendor F-Secure.

In a blog post this week, F-Secure Chief Research Officer Mikko Hypponen said the company has learned of instances where malicious PDF files were e-mailed to U.S. defense contractors last week. The PDF file was designed to look like an official Department of Defense document and contained information about a real Mission Planning User Conference to be held in Las Vegas in March, he aqdded.

A screen shot of the document pasted onto the F-Secure blog shows a very authentic-looking Air Force written Memorandum for Mission Planning International Community.

Opening the PDF document using Adobe Reader allows hackers to exploit a previously disclosed vulnerability in the doc.media.newPlayer function of the reader to install a backdoor on the user’s system, Hypponen said. The backdoor connects to an IP address located in Taiwan. “Anybody who controls that IP will gain access to the infected computer and the company network,” Hyponnen wrote.

The blog post did not say how many contractors were targeted with e-mails containing the poisoned PDF files, but noted that they were more recent than the attacks on Google and others. “While the ‘Aurora’ attacks against Google and others happened in December 2009, this happened just last week,” he wrote.

On the surface at least, the attacks described by F-Secure appear to be similar to attacks last month on Indian government agencies and the country’s National Security Advisor that were also said to originate in China. The Dec. 15 attacks also involved corrupted PDF files being e-mailed to targeted individuals within these organizations.

News of the attacks against the contractors comes in the wake of Google’s bombshell announcement last week that it had been victimized by targeted attacks that appeared to have originated in China.

The attack on Google — and more than 30 other technology companies — last week prompted the U.S. State Department to say it will be lodging a formal complaint seeking an explanation from the Chinese government.

China itself meanwhile has denied any involvement in the alleged cyberattacks and called itself a victim of such hackers.

Jan.15 (China Military News cietd from expressvpn.com and written by JOHN GARNAUT) — GOOGLE’S fight with Chinese censors risks escalating into a fullblown US-China showdown over cyber warfare, as claims emerge about the unprecedented scale of Chinese attacks on US commercial and defence systems.

The Chinese-originated attack on Gmail accounts of human rights activists, which Google said had partly prompted its threat to leave China, was “probably insignificant” compared with the “theft” of source code and data from Google and at least 33 other leading technology companies, said a consultant briefed on the cyber attacks.

The details coincided with claims that the FBI had tracked more than 90,000 Chinese-originated attacks last year on the Defence Department alone.

PLA Soldiers operating computers

Australia’s big mining companies are refusing to negotiate iron ore contracts in China because of Chinese security agency intrusions at Rio Tinto, which culminated in the arrest of one of its executives, Stern Hu.

Greg Walton, a security development fellow at the Citizen Lab, University of Toronto, said a series of intelligence leaks implied ”there is something big going on which is not being reported at the moment”.

“Maybe it’s conceivable China has now pulled ahead on offensive operations, partly because US intelligence is geared in a very different way. It’s more, ‘Let’s suck up all the electronic communications in the world through the five eyes’: the intelligence alliance between the US, UK, Australia, Canada and New Zealand.”

A US company, one of the world’s largest, forbids employees from carrying communication equipment into China, including laptops and mobile phones, because of security concerns.

The consultant who was briefed on the Gmail attacks said at least 34 companies, including Yahoo!, Symantec and Adobe, had been affected. A report in The Washington Post named another two companies, Northrop Grumman and Dow Chemical.

Mr Walton said China’s cyber warfare capability was mostly not in the same league as that of the US or Britain.

The Obama Administration has become increasingly concerned about internet censorship in China.

While sources say the US has been quietly disappointed that its co-operative approach to such issues as climate change, the Chinese currency and Iran’s nuclear program, has not been reciprocated, the President, Barack Obama, has publicly pushed censorship, in part because his views resonate with a big proportion of China’s 338 million internet users.

But a political analyst in Washington, Chris Nelson, has written that Mr Obama could be forced to respond to China “in a far more aggressive and public way”.

The Secretary of State, Hillary Clinton, is reportedly planning to release a new technology policy next week to help web users evade censorship controls.

The State Department is understood to have invested big sums in developing technology to help Chinese users overcome China’s firewall.

The largely state-controlled Chinese media, usually packed with protests and elaborate claims about US policies to ”contain” China, barely reported Google’s decision to consider leaving and did not mention censorship.

A Chinese security official said China was likely to continue to tread quietly on the subject because “a large portion of the Chinese public support Google”.

Jin Canrong, professor of international relations at the People’s University, said the “honeymoon was over” in US-China relations but the row over cyberspace would barely create a ripple.

Jia Daojiong, of Peking University, who specialises in US-China relations, urged leaders on both sides to diffuse the “images of confrontation” that have emerged since Copenhagen.

Mr Walton said the attacks on Google, US defence systems and computers were extremely sophisticated.

They all involved the same modus operandi, with “Trojan” viruses being dropped on to computers when users inadvertently opened email attachments purportedly from friends.

This enabled a remote user to drop a kind of remote access device that Chinese hackers call “gh0stRAT”.

In the Google case, he said, data was deposited in a computer ‘’sink hole” in California before being sent back to China.

These attacks had been traced to “patriotic actors” who enjoyed Chinese Government support.

“Intelligence agencies estimate there are approximately half a million of these people willing to engage in cyber warfare,” he said.

A Chinese security source said yesterday that it was unlikely China’s unofficial “internet army” or even military and intelligence agencies had the sophistication to seriously challenge the world’s leading technicians in the US. “The Chinese military uses American software systems,” he said.

October.29 (China Military News Reporting by Johnathan Weng) — The Chinese National University of Defense Technology (NUDT) unveiled Thursday China’s fastest supercomputer, also the World Third fastest computer, which is able to do more than one quadrillion calculations per second theoretically at its peak speed.

China name this supercomputer as “Tianhe-I” (天河一号 meaning River in Sky), which later will be installed in Tianjin. As matter of fact, Tianjin is one of two cities with “Super computing center”

China announces that “Tianhe-I”’s theoretical peak performance can reach 1.2 petaFLOPS and highest LINPACK score is 563.1 teraFLOPS. The rank of “Tianhe-I” peak performance has exceeded the JUGENE (1.0 petaFLOPS) of Jülich Research Centre and its LINPACK score overrun NASA’s Pleiades.

China says the birth of “Tianhe-1″ let China be the second country to develop petaFLOP level supercomputer beside U.S..

“Tianhe-I” has 6,144 Intel CPUs and 5,120 AMD GPUs, Total Memory is 98TB, point-to-point communication bandwidth is 40Gbps. “Tianhe-I” has 103 racks, weights 155 tons and occupies nearly 1,000 square metres. According to Chinese news resources, “Tianhe-I” will be used in computing the structures and properties of chemical compounds, biological macromolecules; physical simulations of airplanes and spaceships. China does not disclose whether this supercomputer will be used in military purposes, such as nuclear weapon development.

“Tianhe-I” has an Architecture of Vector processing Coordination Configurable Parallel System. “Tianhe-I” is one project of well-known “863 Plan” and was initiate in 2008.

Chinese National University of Defense Technology (NUDT) is also the developer of China’s first gigaFLOPS supercomputer “Yinhe”.

At present, the performance score has not been confirmed by Top500.org.

Here is a table of China’s supercomputer development histroy:

September.17 (China Military News, materials re-edited from AFP and Xinhua) — The United States fingered emerging superpower China and resurgent Russia as its main challengers on Tuesday in new intelligence guidelines that highlighted the rising scourge of cyber-war.

PLA officers in one Cyber-War Exercise 

“A number of nation-states have the ability to challenge US interests in traditional and emerging ways,” said the 2009 National Intelligence Strategy (NIS) document.

“China shares many interests with the United States, but its increasing natural resource-focused diplomacy and military modernization are among the factors making it a complex global challenge.”

Intelligence director Dennis Blair said his guidelines for the next four years elevate “the importance of the challenges we face in the cyber domain,” and singled out China as “very aggressive in the cyberworld.”

HQ-6B Air Defense Missile System

His strategy review, the first since 2005, warned the Internet was “neither secure nor resilient” and recommended measures “across the cyber domain to protect critical infrastructure.”

The Russians also came in for criticism on the cyber threat issue and the intelligence document noted that Moscow’s intentions on the world stage remained unclear.

“Russia is a US partner in important initiatives such as securing fissile material and combating nuclear terrorism, but it may continue to seek avenues for reasserting power and influence in ways that complicate US interests,” it said.

The strategy document said combating violent extremism and countering the proliferation of weapons of mass destruction were the top two priorities for the US intelligence community.

Yuanwang-6 Space Tracking Ship, which has been supporting many Chinese space missions

Blair, a former commander of US forces in the Pacific from 1999 to 2002, said the US was now able to target Al-Qaeda more aggressively thanks to years of hard intelligence graft.

“What has really made all the nations safer has been the accumulation of knowledge about Al-Qaeda and its affiliate groups which enables us to be more aggressive in expanding that knowledge and stopping things before they happen.”

He made no allusion to recent US military strikes but his remarks came the day after a lightning US military operation on Somali territory killed top Al-Qaeda fugitive Saleh Ali Saleh Nabhan.

Last month Pakistan Taliban chief Baitullah Mehsud was killed in a US drone attack, reportedly as he was getting a leg massage on the roof of his father-in-law’s house.

“I say we are more aggressive and the ability to be more aggressive is founded on the much larger and more sophisticated understanding of the adversary we have gained across various administrations in recent years,” Blair said.

The NIS strategy review also dished out harsh criticism on Iran and North Korea, where rulers are defying Western attempts to force them to abandon proscribed nuclear activities.

“Iran poses an array of challenges to US security objectives in the Middle East and beyond because of its nuclear and missile programs, support of terrorism, and provision of lethal aid to US and coalition adversaries.

“North Korea continues to threaten peace and security in East Asia because of its sustained pursuit of nuclear and ballistic missile capabilities, its transfer of these capabilities to third parties, its erratic behavior, and its large conventional military capability,” it said.

Blair, only the third director of US national intelligence, also revealed for the first time the overall cost of intelligence activities, putting the annual figure including military-related intel at 75 billion dollars.

Budgets for the 16 US intelligence agencies and their 200,000 staff were until 2007 a closely-guarded secret. The figure for non-military intelligence was given as 47.5 billion dollars last year.

Blair’s position was created by Congress in 2004 after investigations revealed that turf-sensitive intelligence agencies failed to share information that might have averted the September 11 attacks. That failure was followed by US intelligence’s fateful error on Iraq’s weapons of mass destruction.

To the comments that China poses a military threat, Spokesman with China’s Ministry of National Defense Hu Changming said “It is totally groundless and irresponsible” on Thursday.

“China’s military development is always a positive factor for both regional and global peace and stability,” Hu said in a statement, “We demand the U.S. side to respect the fact, take measures to correct the wrong comments and stop doing things that undermine the military relations between the two countries.”

August.20 (China Defense Mashup Reporting by Johnathan Weng) — The official website of the Ministry of National Defense of the People’s Republic of China starts has been online for trial operation today. The domain name of the website is www.mod.gov.cn and it offers English language versions beside the Chinese version.

Screeshot of Website of Chinese Defense Department

Chinese Government says that the website of the Chinese Ministry of National Defense mainly releases authoritative information of China’s national defense and army building and the website is designed to let the outside world have a better perception of China’s national defense policy, display before the world the fine image of the PLA as a mighty, civilized and peaceful force and better promote the national defense and army modernization drive.

In fact this website is powered by Chinamil.com, which is one Internet propaganda agency under “PLA Daily” Newspaper. So the most content of new MOD website is simply copied from Chinamil.com and less attractive, especially in English language version. Besides, the style of new website need to be improved for western browsers.

Unlike the United States DOD website, Chinese Ministry of Defense Website dose not provide high-resolution photos and the video service speed is also sad for the poor bandwidth. Of course, we can not require too much on this new website. But the question is: where the yearly 20 million RMB (nearly 3 million U.S dollar) government investment is spent?

Apr.8 (China Military News cited from CNN by Adam Levine) — The U.S. military has spent at least $100 million defending its computer network from and responding to cyberattacks, according to a top official responsible for network security.

Defense Secretary Robert Gates has highlighted the need to increase personnel involved in cybersecurity.

The money was spent over the last six months responding to incidents that affected the Pentagon’s networks, according to Brig. Gen. John Davis of the U.S. Strategic Command, which is responsible for military cybersecurity.

The money also went toward training and investment in tools and technologies needed because of infiltrations and viruses, he said.

A Picture of PLA Army Commanding Headquarter in ”Libing 2008″ Drill 

Davis said he was asked by the head of Strategic Command, Gen. Kevin Chilton, to track the costs in an effort to analyze the price of reacting to incidents that threaten the military’s cybersecurity.

“We are finding ourselves in an ever-increasing, sophisticated environment where our networks at [the Department of Defense] are increasingly in a contested environment,” Davis said.

He spoke by phone from the USStratcom Cyberspace Symposium, a two-day event in Omaha, Nebraska, for defense officials, as well as technology industry members.

Davis would not give specific examples of cyberattacks, but he said the military’s technology team deals with a wide variety of incidents every day.

“It ranges in scope from the less serious — the bored teenager — all the way up to nation-state capabilities,” Davis said.

“We do know that there are nation states that are investing in capabilities to operate in cyberspace. We have to expect that,” he said. “We have to be able to defend our networks.”

Davis would not name specific countries, but one country the United States is concerned about is China, according to the Pentagon’s 2009 report to Congress on that country’s military.

China “has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks,” according to a 2009 report called the Military Power of the People’s Republic of China.

In 2008, computer systems around the world, including the U.S. government’s, were the target of intrusion that seemed to have originated in China, the report said.

“Although these intrusions focused on exfiltrating information, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks,” the report said.

The money spent on reacting to incidents could be better spent to have the intelligence capabilities so the system could be better defended, Davis said.

“Rather than spending money reacting, it would be wiser to build capabilities in a proactive manner to protect systems in the first place,” he said. “It would be wiser to spend it up front to keep less sophisticated threats off our radar so we can focus on real attacks.”

Davis said the military needs to realize that the Internet is not just a service but a critical part of the Defense Department’s operations that needs to be reliably secure.

“We rely on our networks for war fighting functions. To have a loss of trust would be traumatic,” Davis said.

The military has had some self-inflicted problems from basic security problems, like viruses on personal drives and “phishing” incidents, that hampered its security, Davis said. Last year, external drives were banned from being used on the military network.

As part of his Monday announcement about changes to the Pentagon budgets, Defense Secretary Robert Gates highlighted the need to increase the number of personnel involved in cybersecurity.

Gates announced that the Department of Defense would triple the number of “cyber-experts” to 250 over the next two years.

But that’s not enough, said Davis.

“It’s got to be more,” he said. “But it is a sign of progress.”