HOW CHINA IS REVOLUTIONIZING WARFARE, ACCELERATING PRIVATE SECTOR THEFT, AND POTENTIALLY THREATENING OUR CRITICAL INFRASTRUCTURE
Colleagues: Increasing attention is being directed at Chinese hacking, not only into private sector files, but penetrating military networks as well. Chinese hackers apparently have stolen the blueprints of a new multi-million-dollar Australian spy headquarters as part of a growing wave of cyber attacks against business and military targets, in the United States and in its allies. The hackers also stole confidential information from the Department of Foreign Affairs and Trade, which houses the overseas spy agency the Australian Secret Intelligence Service.
Australian officials, like those in the United States and other Western
nations, have made cyber attacks a security priority following a growing
number of attacks of the resource rich country, mostly blamed on China.
In the United States, the Pentagon’s latest annual report on Chinese
military developments accused Beijing for the first time of trying to break
into U.S. defense networks, calling it “a serious concern”.
In a highly embarrassing intrusion, Chinese hackers broke into the network of the super-secret defense contractor, QinetiQ, a company that had a $4.7 million cyber-security contract from the U.S. Transportation Command, which includes protection of the nation’s critical transport infrastructure. U.S. officials believe that China was able to access the computers at Redstone Arsenal through this portal as well.
During their multi-year assault on defense contractors, Chinese spies stole several terabytes—equal to hundreds of millions of pages—of documents and data on weapons programs. The U.S. cyber-security firm, Mandiant, has laid the blame for many of the intrusions at the feet of “Comment Crew”, which is the Chinese PLA equivalent of our National Security Agency.
China has dismissed as groundless both the Pentagon report and a February
report by the U.S. computer security company Mandiant, which said a
secretive Chinese military unit was probably behind a series of hacking
attacks targeting the United States that had stolen data from 100 companies.
Our friend, Dr. John Arquilla, labels this the “Beijing Bitskrieg: How China is Revolutionizing Warfare”. John posted that analysis on Foreign Policy.com, which is reprinted below. I strongly recommend all read carefully.
This is the future of warfare, private sector security, and critical infrastructure protection. Ty
How China is revolutionizing warfare.
BY JOHN ARQUILLA | Foreign Policy.Com MAY 13, 2013
As the Pentagon’s annual report to Congress, released in mid-May, makes abundantly clear, China is on something of a long march in cyberspace. While most attention is being drawn to the report’s assertions about Chinese snooping into sensitive classified areas and theft of intellectual property from leading American firms — and others around the world — there is some intriguing analysis of Beijing’s broader aims as well.
Indeed, the Pentagon sees a clear progression in Chinese strategic thought that, viewed as a whole, begins to elaborate what might be seen as an emerging military doctrine enabled by advanced information technologies. Just as the radio made skillful coordination of tanks and planes possible, introducing World War II-era blitzkrieg, so today the computer may be opening new vistas for cruise missiles, precision-guided munitions, and other smart weapons.
What’s coming from Beijing is, in a word, “bitskrieg.” The Pentagon report describes this as a three-phase process. First, there is a “focus on exfiltrating data” so as to gain vital information needed about military command and control systems as well as the points in our critical infrastructure that are vulnerable to disruption by means of cyberattack. It is believed that the Chinese have been engaging in this sort of intelligence gathering for many years — intrusions that Washington first openly acknowledged 10 years ago, giving them the code name “Titan Rain.” It has been raining steadily for the past decade.
With all these data in hand, the second step — per the Pentagon report — is to use the same intrusive means that mapped our defense information systems to disrupt them with worms, viruses, and an assortment of other attack tools. The goal at this point is to slow the U.S. military’s ability to respond to a burgeoning crisis or an ongoing conflict. Think of what might happen, say, on the Korean Peninsula, if our small contingent there — a little over 25,000 troops — were to lose its connectivity at the outset of a North Korean invasion by its million-man army. Without the ability to operate more nimbly than the attacker, these forces would be hard-pressed from the outset. Cyberattacks on mostly automated force-deployment and air-tasking systems could also slow the sending of reinforcements and greatly impede air interdiction operations. In the first Korean War, the Chinese intervened with massive numbers of troops. In the second one, they might only have to send electrons.
The real payoff for Beijing, though, is in what the Pentagon report describes as China’s envisioned third phase of cyber-operations. This is the point at which the information advantage — that is, the ability to coordinate one’s own field operations while the adversary’s have been completely disrupted — is translated into material results in battle. The Pentagon describes cyberattack at this point as amounting to a major “force multiplier.” Gaining such advantage means winning campaigns and battles with fewer casualties relative to those inflicted upon the enemy. In this respect, computer-driven “bitskrieg” could, it is thought, generate results like those attained by mechanized blitzkriegs — which also aimed at disrupting communications. In the Battle of France in 1940, for example, where the Germans had fewer troops and tanks, the Allies lost more than four times the number of soldiers as the Wehrmacht.
When my long-time research partner David Ronfeldt and I introduced our concept of cyberwar 20 years ago, the second and third phases of cyberattack that the Pentagon report describes are what we had in mind. In our view, striking at an enemy’s ability to maintain information flows, while keeping one’s own communications secure, would be the key to gaining a war-winning advantage in conflicts to come. But this would only hold true, we affirmed, if senior leaders recognized that cyberwar poses “broad issues of military organization and doctrine.”
The point being that technology alone doesn’t create or sustain the advantage. In the case of blitzkrieg it was concentrating tanks in panzer divisions and closely linking them with attack aircraft that made the difference. To succeed at cyberwar, it will be necessary both to scale down large units into small ones and “scale them out” across the battlespace rather than mass them together. In this fashion — spread out but completely linked and able to act as one — the sweeping maneuvers of blitzkrieg will be supplanted by the swarming attacks of bitskrieg, characterized by the ability to mount simultaneous strikes from many directions. The guiding organizational concept for this new approach flows closely from technologist David Weinberger’s thoughtful description of online networks: “small pieces, loosely joined.”
Thus should the Pentagon annual report to Congress be delved into more deeply — for the document reflects a clear awareness of, and takes a subtle, layered approach to thinking about, the Chinese cyber threat. One can only hope that the U.S. military analysis of Beijing’s looming capacity for bitskrieg is mirrored by introspective views and similarly nuanced considerations of American capacities for waging cyberwar. For the three phases described in the Pentagon report — so consistent with the original vision Ronfeldt and I described two decades ago — reflect the kind of conflict that is coming.
The militaries of most advanced countries think of cyberwar as a new form of strategic attack on power grids and such. The Chinese view differs, seeing this mode of conflict as much less about turning off the lights for a while in some other country and much more about defeating an opposing military grown dependent upon sustained, secure, and ubiquitous flows of information. Lights can always be turned back on. Soldiers’ lives lost amid the battlefield chaos caused by a bitskrieg can never be reclaimed.
Thoughtful reading of the Pentagon report should affirm this — and appropriate action, along the lines of scaling down and “scaling out” our forces, and encouraging them to “swarm,” must follow.
John Arquilla is head of the Defense Analysis department at the Naval Postgraduate School in Monterey. This article is reprinted with the permission of the author.