China is “the most threatening actor in cyberspace” as its intelligence agencies and hackers use increasingly sophisticated techniques to gain access to U.S. military computers and defense contractors, according to the draft of an annual report mandated by Congress.
Chinese hackers are moving into “increasingly advanced types of operations or operations against specialized targets,” such as sensors and apertures on deployed U.S. military platforms, according to the report.
“China’s persistence, combined with notable advancements in exploitation activities over the past year, poses growing challenges to information systems and their users,” the U.S.-China Economic and Security Review Commission said in the draft obtained by Bloomberg News. “Chinese penetrations of defense systems threaten the U.S. military’s readiness and ability to operate.”
A U.S. intelligence official, speaking on the condition of anonymity to discuss classified matters, described as relentless China’s efforts to blind or disrupt U.S. intelligence and communications satellites, weapons targeting systems, and navigation computers.
The commission’s draft report bolsters warnings by U.S. officials that cyberattacks pose growing risks to the military and to critical industries such as electric utilities, pipelines, and telecommunications. Defense Secretary Leon Panetta cited Chinese and Russian capabilities in an Oct. 11 speech, saying cyber threats could become as devastating as the Sept. 11, 2001, terrorist attacks.
Most cyber activity in China during the past year “relied on basic and straightforward techniques,” such as “zero-day” attacks that exploit a software vulnerability for which victims have no immediate fix or patch and the use of stolen digital certificates to make malware appear legitimate, according to the draft.
“Irrespective of the sophistication, the volume of exploitation attempts yielded enough successful breaches to make China the most threatening actor in cyberspace,” according to the draft.
Geng Shuang, a spokesman for the Chinese embassy in Washington, didn’t return an e-mail seeking comment on the draft report.
Most Chinese intrusions against U.S. government and military systems appear intended to collect intelligence or technology rather than launch attacks, the commission said. Penetrations of U.S. military systems, though, “could switch to become disruptive or destructive,” and that’s a danger because they “still reportedly require weeks to investigate.”
Created by Congress in 2000, the bipartisan commission has reported on China’s economic and military rise, usually in critical assessments accompanied by recommendations for counter-actions such as trade sanctions. Its annual overview and a yearly Pentagon report are the two primary publicly available official assessments of China’s military developments.
The draft on cybersecurity, part of an annual report scheduled for release on Nov. 14, calls for Congress to “develop a sanctions regime to penalize specific companies found to engage in, or otherwise benefit from, industrial espionage” and to define it as an “illegal subsidy subject to countervailing duties.”
The draft concludes that China’s network of civilian and military cyber specialists includes units of the People’s Liberation Army.
Retired Marine General James Cartwright, a former vice chairman of the U.S. Joint Chiefs of Staff, told the commission in March that, “While it is very difficult in cyber to have a ‘smoking gun,’ so to speak, the clear paths back into servers and other mechanical devices inside of the Chinese sovereign domain remain a constant problem for us.”
While the Chinese military’s ability to manage sophisticated computer systems is limited, according to the report, its leaders “recognize this weakness and intend to develop a pool of soldiers” who can manage cyber technology as well as advanced weapons systems.
China employs a “cyber warfare militia,” PLA civilian units “usually comprised of workers with high-tech day jobs” that focus on military communications, electronic warfare and computer network operations, the draft said.
The militia members are among the nation’s 538 million Internet users with access to 677 million devices that can be used to enter the Internet, according to the International Data Corp.
This scale of Internet access “greatly influences the global volume of malicious activity,” the draft says.
According to statistics supplied to the commission by San Francisco-based service provider CloudFlare Inc., attacks account for about 15 percent of global Internet traffic on any given day.
That “plummeted to about 6.5 percent” around Oct. 1, 2011, China’s National Day, “when many workers take leave,” according to the draft report.
China’s military capabilities, including cyberwarfare, haven’t been an issue in the U.S. presidential election even as Republican candidate Mitt Romney has criticized China on trade and currency issues.
Romney wrote in his book, “No Apology,” that China’s investments in “cyberwarfare, anti-satellite warfare and anti-ship weaponry, for example, are calculated to neutralize our military’s many strategic advantages.”
The commission in March released a report by Northrop Grumman Corp. that concluded China’s cyber capabilities are advanced enough to disrupt U.S. military operations during a conflict over Taiwan. The draft report cites the Northrop Grumman study in outlining its broader conclusions about China’s advances.
The National Intelligence Council, using data culled from 13 U.S. agencies, concluded in November 2011 that “China and Russia view themselves as strategic competitors of the United States and are the most aggressive collectors of U.S. economic information and technology.”
The China commission’s annual report last year disclosed that computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway.