China Reveals Its Cyberwar Secrets

Uploaded on 2015-03-30 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, NEWS-Cybersecurity News

china-is-waging-cyberwar-2-650x0.jpg?1361548326
A high-level Chinese military organization has for the first time formally acknowledged that the country’s military and its intelligence community have specialized units for waging war on computer networks.
China’s hacking exploits, particularly those aimed at stealing trade secrets from US companies, have been well known for years, and a source of constant tension between Washington and Beijing. But Chinese officials have routinely dismissed allegations that they spy on American corporations or have the ability to damage critical infrastructure, such as electrical power grids and gas pipelines, via cyber attacks.
Now it appears that China has dropped the charade. “This is the first time we’ve seen an explicit acknowledgement of the existence of China’s secretive cyber-warfare forces from the Chinese side,” says Joe McReynolds, who researches the country’s network warfare strategy, doctrine, and capabilities at the Center for Intelligence Research and Analysis. 
The acknowledgment could have political and diplomatic implications for China’s relationship with the United States and other Western powers.  
China has divided its cyber warfare forces into three types, said McReynolds, whose analysis is included in his forthcoming book, China’s Evolving Military Strategy, which will be published in October.
First, there are what the Chinese call “specialized military network warfare forces” consisting of operational military units “employed for carrying out network attack and defense,” McReynolds said.
Second, China has teams of specialists in civilian organizations that “have been authorized by the military to carry out network warfare operations.” Those civilian organizations include the Ministry of State Security, or MSS, which is essentially China’s version of CIA, and the Ministry of Public Security (its FBI).
Finally, there are “external entities” outside the government “that can be organized and mobilized for network warfare operations,” McReynolds said.
As to which of those groups is responsible for targeting American companies to steal their secrets, the short answer, says McReynolds: “They all do it.” Espionage by the PLA has been extensively documented, McReynolds said. And a Chinese hacking unit dubbed Axiom that has been linked to intrusions against Fortune 500 companies, journalists, and pro-democracy groups is reportedly an MSS actor. He noted that there are also many ways that Chinese civilians have been seen assisting in industrial espionage, including through “hack-for-cash” operations.
Now that China is coming clean about its cyber warfare forces, other countries may question whether they can safely cooperate with the government on combating cybercrime. The Ministry of Public Security (MPS), for instance, has assisted more than 50 countries with investigations of more than a thousands cases of cybercrime over the past decade, and China has set up bilateral law enforcement cooperation with more than 30 countries, including the United States, the United Kingdom, Germany, and Russia.
Experts generally agree that Russia, China, and the United States have the most advanced and sophisticated cyber warfare forces. 
The Daily Beast http://bbc.in/1OyIa0a

 

« You Can Tell Which Emails are Being Tracked.
Crime has gone High-Tech and the Law Hasn’t »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Lockton

Lockton

Lockton is the world’s largest privately owned insurance brokerage firm. Commercial services include Cyber Risk insurance.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

KvantPhone

KvantPhone

KvantPhone (formerly CryptTalk) is an easy-to-use, quantum resistant secure communication service designed for businesses and large organizations.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Risk Ident

Risk Ident

RISK IDENT specializes in supporting enterprises in identifying and preventing criminal activity like payment fraud, account takeovers and identity theft.

Emirates International Accreditation Center (EIAC)

Emirates International Accreditation Center (EIAC)

EIACI is the national accreditation body for the United Arab Emirates. The directory of members provides details of organisations offering certification services for ISO 27001.

oneM2M

oneM2M

oneM2M is a global organization creating a scalable and interoperable standard for communications of devices and services used in M2M applications and the Internet of Things.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

Spamhaus

Spamhaus

Spamhaus is the world leader in supplying realtime highly accurate threat intelligence to the Internet's major networks.

Melius CyberSafe

Melius CyberSafe

Melius CyberSafe has developed a world-leading SaaS platform built around continuous assessment and improvement through vulnerability scanning and penetration testing.

AMSYS Innovative Solutions

AMSYS Innovative Solutions

AMSYS is a full-service, 24/7/365 IT solutions, Cybersecurity & Managed Service Provider.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

Stratsec

Stratsec

Stratsec is a global team of experts on a mission to protect human life, well-being and the environment against cyber-driven threats.

North Pole Security

North Pole Security

North Pole Security provide Endpoint Protection For macOS. Meet Workshop, the first modern endpoint protection platform for macOS. Stop threats before they start while keeping the business moving.