Wednesday, November 28, 2012

Chinese Capabilities for Computer Network Operations and Cyber Espionage

Chinese Cyber Threat in the Open

When people discuss nation-state cyber threats against the U.S. in public, they often do so in whispers, assuming that all information is classified. However, many may be surprised by the amount of information that already exists in the public domain.

One example is a compelling report compiled this year for the U.S.-China Economic and Security Review Commission, called “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage.” The paper covers such provocative topics as the Chinese strategic view of cyber warfare, how they’re organized, and distinctions between state-sponsored and criminal activity, to name just a few.

This paper makes several interesting observations (which will be explored in later posts). Some of them include:

  • Effects of early Chinese Computer Network Attack preparation may not be observable until after conflict erupts.
  • The U.S. lacks a comprehensive policy on responding to a large-scale network attack when there is no definitive attribution.
  • Beijing may use cyber policy and legal frameworks to create delays in U.S. command decision making and response in the event of conflict.

While this paper pulls information from a number of sources, it is also possible to gain some insight into potential targets – at least from an industrial espionage standpoint – just by looking at what the Chinese government openly states it will do.

A good place to delve even more deeply into this topic is China’s own “12th 5-Year Plan.” This is the guiding document for the country’s economic plan and they stick pretty close to it. A good analysis of the plan as it pertains to energy can be found here.

Based on the volume of news and other analysis, it can be assumed that industrial espionage is culturally rampant in China. If that’s the case, it also seems inevitable that someone over there will be targeting (the typically more mature) U.S. assets and operations to enhance their own industrial capabilities.

In reading through the KPMG paper above, it becomes apparent that hydroelectric utilities may be targets for cyber espionage:

  • 3 out of 7 strategic investment areas in the 5-year plan relate to energy: clean energy, energy conservation, and clean energy cars
  • Hydroelectric is an area targeted for high growth
  • China’s big 5 power looking at overseas investments…including renewable energy

While there is no actual technical data (logs, reports) showing that hydro is being targeted for cyber attacks, and the KPMG paper focuses primarily on business perspectives as opposed to cyber, it is these “open source” business perspectives that guide us toward identifying which cyber assets and information might be potential upcoming targets.
