Cyberwarfare in 2011 is an odd beast. Many Western governments reportedly actively monitor rivals and engage in online sabotage, while countries ranging from Israel to Iran to India also engage in cyberwarfare programs of their own. But it’s attacks against the American government and commercial websites such as Google that grab headlines.
As foreign governments learn the ease of obtaining intelligence online and foreign corporations continue to get the edge on their competitors through massive online attacks, future hacker efforts will only become more ambitious. One of the countries where many of these civilian and military attacks reportedly originate is China.
FAST COMPANY: Could you give a short rundown of China’s suspected role in cyberespionage of both governments and corporations?
ADAM SEGAL: A number of fairly well-publicized attacks on U.S. governments and corporate interests with codenames like “Titan Rain” have taken place. In many cases, attribution to China is fairly speculative. In the Google case, it was supposedly traced back by IP address but in many cases it’s fairly suspect. But they are motivated primarily by espionage reasons–both military and industrial–and also in some cases, by preparing the battlefield. Looking at potential targets that would be used in a military scenario in case there was, in fact, conflict.
As far as preparing the battlefield, do you think it is mostly organized by the government, the People’s Liberation Army (PLA) and groups like that, or is it just bored kids with some sort of connection to government?
Well, that’s the $64,000 question in the Chinese context. The question is who is responsible for these things, even if you trace it back to China, is if they are bored hackers or PLA members or criminals with ties to the PLA or PLA divisions acting criminally? We don’t really know. I suspect that the majority of the attacks and espionage on the criminal side are by patriotic hackers that have some sort of connection, maybe financial, to the PLA or the State Security Ministry. In the cases of power grids and other cases like that, I suspect PLA affiliation, but there is no way to know.
Yes. I think the way that the United States, the United Kingdom, and most other Western countries use it is for defense of computers and communications networks. The Chinese, like the Russians, also use the term “information security,” which includes content. They are not only concerned about attacks on networks, but which information is being carried on them–which could affect national security. The worry is that Twitter, Facebook, and other social networks could be used for political reasons inside China. When you look at the Shanghai Cooperation Organization and their statements on information security, they have a big focus on domestic security.
Are many suspected American cyberespionage or cyberwarfare efforts believed to be taking place against China?
I can say that Chinese officials I have spoken to say it’s widespread. They basically assume that the National Security Agency (NSA) is in all their networks. They tend to view U.S. companies as instruments of U.S. policy, so they will say we are the political party because they have to rely on Cisco and Microsoft products–and they assume all these products are built with backdoors for the NSA to take advantage of. I suspect that the NSA and U.S. government do conduct some espionage against the Chinese and they have some reason to be apprehensive.
As far as Chinese hackers, is their knowledge mostly homegrown or are they connected to the larger hacker subculture?
I haven’t spent much time looking at the hackers, but my sense is that they have some kind of contact with the larger subculture and that they draw on the ethos of it. But, like a lot of things, it has Chinese characteristics. For a long time, we used to speak of “socialism with Chinese characteristics” and then “market capitalism with Chinese characteristics.” Now there is “hacking with Chinese characteristics” as well. It draws from the outside but they make it their own.
Do you see any other countries imitating China’s cyberwarfare and cyberespionage efforts?
I see a lot of similarities between what is happening in Russia and what is happening in China, with both state and non-state actors among their hackers. Both states find plausible deniability important for strategic and political reasons. In India, there has been a lot of discussion in the press about how the country should have its own patriotic hackers. But with India being a democracy, I think it is harder. However, I think there have been efforts to build those sorts of efforts. But the bigger issue is that many of China’s attitudes towards cyberspace more broadly–such as information security vs cybersecurity and being able to control the internet domestically–are all pretty attractive to developing countries. They are offering an attractive ideological model.