WASHINGTON: The United States for the first time is publicly warning about the Chinese military’s use of civilian computer experts in clandestine cyberattacks aimed at American companies and government agencies.
In a move that is being seen as a pointed signal to Beijing, the Pentagon laid out its concerns this week in a carefully worded report.
The People’s Liberation Army, the Pentagon said, is using “information warfare units” to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals.
This assertion shines a light on a quandary that has troubled American authorities for some time: How does the United States deal with cyberespionage emanating from China and almost certainly directed by the government — despite the fact that US officials do not have or cannot show proof of those ties?
Asked about the civilian hackers, a Defense Department spokesman said the Pentagon is concerned about any potential threat to its computer networks. The Pentagon, said Cmdr. Bob Mehal, will monitor the PLA’s buildup of its cyberwarfare capabilities, and “will continue to develop capabilities to counter any potential threat.”
The new warning also comes as US and other international leaders are struggling to improve co-operation on global cybercrime and set guidelines for Internet oversight.
“The Chinese Government, particularly the PLA, has sought to tap into the hacker community and take advantage of it,” said cybersecurity expert James Lewis, a senior fellow at the Centre for Strategic and International Studies.
“One of the things that the Defense Department has been looking for is a way to start signalling potential opponents about activities that might cross the line in cyberspace.”
The China report, he said, is one way to send that signal to Beijing.
The Pentagon report says that last year “numerous computer systems around the world, including those owned by the US Government, continued to be the target of intrusions that appear to have originated within” the People’s Republic of China.
It also pointed to an alleged China-based computer spying network — dubbed GhostNet — that was revealed in a research report last year. The report said the spy ring stole sensitive information from nearly 1,300 computer hard drives, including networks belonging to embassies, government offices, and the Dalai Lama and his exiled Tibetan Government. Chinese officials denied any involvement.
The use of civilian cybermercenaries gives countries such as China deniability, said Jerry Dixon, former director at the Department of Homeland Security’s Computer Emergency Readiness Team.
“It really makes it more complex. They can use multiple groups to carry out cyberespionage,” he said. “If you want to have deniability you use a firm through covert channels to carry out some action for you, on behalf of your country.”
He and others noted, however, that there are hackers in China who are not connected to the Chinese military or government but are also targeting US companies and agencies. And officials acknowledge it is difficult to determine what percentage of those civilian cybercriminals have ties to the PLA. — AP