Shulou(Shulou.com)06/01 Report--

Computer Security

The Dragon and the Computer: Chinese Cyber-Warfare

By: Paulo Shakarian, Posted on: July 31, 2013 Comments: 0

Dear Readers

I'm happy to be writing for Elsevier's new blog to introduce the book Introduction to Cyber-Warfare: A Multidisciplinary Approach that I wrote with my wife Jana and our good friend Andrew Ruef. The book is designed to introduce the reader to this new domain of warfare through a series of case studies. This is much the way I learned about conventional military operations through my military training-and why there are so many good books on military history. Jana, Andrew, and I felt that there should be a similar "military history" for cyber-war-so we hope this can help fill that void.

Many people have asked us what we thought about In the light of recent news stories about China engaging in cyber-warfare, particularly regarding intellectual property theft. So, in talking with the good folks at Elsevier, we want answer some of those questions-while giving you a taste of this new book.

The following article is an excerpt from the new book Introduction to Cyber-Warfare: A Multidisciplinary Approach published by Syngress, an imprint of Elsevier. Order your copy now and save 30%! Just enter discount code "SYN30" at checkout.

The Dragon and the Computer: Why Intellectual Property Theft is Compatible with Chinese Cyber-Warfare Doctrine

By Paulo Shakarian, Jana Shakarian, and Andrew Ruef

Abstract: Along with the USA and Russia, China is often considered one of the leading cyber-powers in the world. In this exerpt, we explore how Chinese military thought, developed in the 1990 s, influenced their cyber-operations in the early 2000 s. In particular, we examine the ideas of Unrestricted Warfare and Active Offense and discuss how they can permit for the theft of intellectual property. We then specifically look at how the case study of Operation Aurora-a cyber-operation directed against many major room. technology and defense firms, reflects some of these ideas.

Over the past five years, the news media is seemingly littered with alleged Chinese cyber-incidents. These activities have included instances of theft of guarded scientific data, monitoring of communication of the Dalai Lama, and theft of intellectual property from Google. In a testimony to the Congressional Armed Services Committee, General Keith Alexander, the commander of. Cyber Command and head of the National Security Agency (NSA), stated that China is stealing a "great deal" of military-related intellectual property from the. Clearly, cyber-espionage, which includes the theft of intellectual property, is already a key component of Chinese cyber-strategy. The recently released report by the security firm Mandiant provides technical analysis leading to the conclusion that an organization within the People's Liberation Army (Unit 61398) has been responsible for a great deal of cyber-espionage against English-speaking countries. In this paper, we highlight some of the relevant Chinese doctrine that we believe led to organizations like Unit 61398 and others.

+

The activities of exfiltration, monitoring, and theft of digital information described here can be easily labeled as incidents of cyber-espionage. The apparent goal of this type of cyber-operation is not to take the computers offline or destroy the data that they contain but rather to capture data of the opposing force. This being the case, such activities could not be labeled as cyber-attacks, because the targeted systems and their data must remain intact in order to obtain the desired data. Hence, we can define cyber-espionage as the act of obtaining access to data from a computer system without the authorization of that system's owner for intelligence collection purposes.

11:52-next

However, like incidents of computer network attack, these incidents of cyber-espionage too are notoriously difficult to attribute. What then, leads us to believe Chinese involvement in the cyber-espionage incidents? If attribution is so difficult, then why do these actions cause corporations like Google and Northrop Grumman, as well as high-level diplomats such as U.S. Secretary of State Hilary Clinton to issue strong statements against the Chinese government in the wake of such attacks? The issue lies in the origin of the incidents. Often computers involved with the theft of digital information are traced back to networks that are located on the Chinese mainland. Further, forensic analysis of malware from such incidents often indicates the use of Chinese-language software development tools. Though it is virtually impossible to implicate the government of the People's Republic of China (PRC) in these cyber-espionage actions, the fact that they can be consistently traced to the Chinese mainland raises serious policy questions. Is the Chinese government conducting active investigations against the hackers, and what legal actions are they taking once hackers are identified? Is the Chinese government transparently sharing information of these supposed investigations with the victims of the cyber-espionage? What legal actions is Beijing taking to prevent individual hackers from attacking organizations outside of China? These questions must be given serious consideration in the wake of attempted cyber-espionage to when there is evidence of Chinese origin... [Click here to read the full except as a PDF]

Also note that this excerpt is also available in the Spanish language, courtesy of the U.S. Air Force.

Additional Reading from Elsevier Connect: China and Cyberwarfare-Insights from a Military Computer Scientist

About the Author:

He has written over twenty papers published in scientific and military journals. Relating to cyber-warfare, he has written the paper "Stuxnet: Cyberwar Revolution in Military Affairs" published in Small Wars Journal and "The 2008 Russian Cyber-Campaign Against Georgia" published in Military Review.

His scientific research has also been well received, featured in major news media such including The Economist and Nature. Previously, he has authored Geospatial Abduction: Principles and Practice published by Springer.

Paulo holds a Ph.D. And M.S. In computer science from the University of Maryland, College Park, a B.S. In computer science from West Point, and a Depth of Study in Information Assurance also from West Point. Paulo has served two combat tours in Operation Iraqi Freedom. His military awards include the Bronze Star, Meritorious Service Medal, Army Commendation Medal with Valor Device, and Combat Action Badge. Learn more about Paulo, at his website.

The opinions in this article are solely those of the author and do not necessarily reflect the opinions of the US Military Academy, the US Army or the Department of Defense.

***

Computer security

Chinese and computers: China's computer network war.

Author: Paulo Shakarian

Publication date: July 31, 2013

Dear readers.

The original intention of this book is to show a new field of war cyber warfare through a series of studies. I understand that the most conventional and effective way of traditional military operations is through military training-which is why there are so many books on historical military affairs. Jana,Andrew is like other wars in the history of cyber warfare, so we hope this book will fill this gap.

Many people will ask us about the recent hot news about cyber warfare in China, especially about the theft of intellectual property rights. So, while chatting with people on the Elsevier blog, we want to answer some questions about this-to let you know about this new book.

The following article is an excerpt from this new book on cyber warfare: a multidisciplinary approach published by Syngress, Elsevier's version notes. You can get a 70% discount for ordering your copy right away! Just enter and click 'SYNS30'' to pay.

Chinese and computers: why intellectual property theft is compatible with Chinese Internet theory.

Authors: Paulo Shakarian, Jana Shakarian, and Andrew Ruef

In this article, we explore the ideas of the Chinese military, which were developed in the 1990s and influenced their network operations in the early 21st century. We then paid special attention to the case study of Operation Aurora-an online operation that directly confronted many American interests, such as science and technology and defense law firms, reflecting some of these ideas.

Over the past five years, some news media have reported online incidents that appear to be scattered in China. These activities include stealing examples of guarded scientific data, monitoring Dalai Lama's communications, and stealing Google's intellectual property rights. In testimony before the Congressional Armed Forces Committee, General Keith Alexander, head of the National Security Agency's Cyber Command (NSA). He pointed out that China has stolen "a lot" of military-related intellectual property rights from the United States. Explicit cyber espionage, including the theft of intellectual property rights, has become a key component of China's cyber strategy. A recent report released by Mandiant, a security company, points to this conclusion that an organization affiliated with the people's Liberation Army (Unit 61398) has engaged in a large number of military espionage activities against native English-speaking countries. In this book, we place special emphasis on some corresponding theories in China, which we believe have led to the emergence of organizations like Unit 61398 or other similar organizations.

In this case, these activities cannot be marked as network * because the target system and its data must be kept intact in order to obtain the data they need. Therefore, we can define cyber espionage as the act of collecting intelligence in order to obtain data from a computer system without being authorized by the owner of the computer system.

In any case, like the computer network incident, the same is true of cyber espionage, which is notoriously difficult to identify. So what leads us to believe that China is involved in cyber espionage? This statement lists the origin of the events, most of which involve the theft of data information that has been traced online to show that the source came from Chinese mainland. Further, by analyzing the malware in these events, we will find that the development tools of these software are in Chinese. So it is almost impossible for the government to be involved in cyber espionage. In fact, they can be traced back to the political crisis of Chinese mainland. Is the Chinese government conducting an anti-government investigation? so, what legal acts have been determined to have been committed by the government? Does the Chinese government transparently share the information that should be investigated with victims of cyber espionage? What legal actions will be taken by Beijing to prevent individual attacks outside China? These issues must be seriously considered, and evidence of Chinese origin suggests an attempt to awaken cyber espionage.

It also shows that some of these excerpts are from Spain and some from the United States Air Force.

Other reading links: a perspective of China's cyber warfare from the eyes of military computer scientists.

About the author:

Paulo Shakarian, Ph.D. He is a major in the United States Army and assistant professor of computer science, teaching computer science and technology, as well as network security, social networking, and artificial intelligence. He has written more than 20 books and published in scientific and military journals. When it comes to cyber warfare, he has written the Stuxnet Worm: the military Revolution in Cyber Warfare published in Mini War Newspapers and Russia's Cyber activities against Georgia in 2008 in military commentary.

His scientific research has yielded good returns, characterized by the major news media, including economists and natural research. Previously, he wrote about Geospatial: principles and practices published by Springer.

Paulo holds a Ph.D. And M.S. Engaged in computer science, University of Maryland, College Park, West Point, a bachelor of science in computer science, in-depth study of information security. He served as a brigade commander of two combat brigades in Operation Iraq Freedom, and his troops have won the Bronze Star, Medal of Honor, Army Commendation Medal, and Walley Technology equipment and Battle Operations badges. To learn more about Paulo, please visit his website.

The views in this article are only the author and do not necessarily reflect the views of the United States military Academy, the United States Army or the Department of Defense.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.