China cyber-warfare translation

Computer Security

The Dragon and the Computer: Chinese Cyber-Warfare

By: Paulo Shakarian, Posted on: July 31, 2013 Comments: 0

Dear Readers,

I’m happy to be writing for Elsevier’s new blog to introduce the book Introduction to Cyber-Warfare: A Multidisciplinary Approach that I wrote with my wife Jana and our good friend Andrew Ruef.  The book is designed to introduce the reader to this new domain of warfare through a series of case studies. This is much the way I learned about conventional military operations through my military training – and why there are so many good books on military history.  Jana, Andrew, and I felt that there should be a similar “military history” for cyber-war – so we hope this can help fill that void.

Many people have asked us what we thought about In the light of recent news stories about China engaging in cyber-warfare, particularly regarding intellectual property theft.  So, in talking with the good folks at Elsevier, we want answer some of those questions -  while giving you a taste of this new book.

The following article is an excerpt from the new book Introduction to Cyber-Warfare: A Multidisciplinary Approach published by Syngress, an imprint of Elsevier. Order your copy now and save 30%! Just enter discount code “SYN30” at checkout.

The Dragon and the Computer: Why Intellectual Property Theft is Compatible with Chinese Cyber-Warfare Doctrine

By Paulo Shakarian, Jana Shakarian, and Andrew Ruef

Abstract: Along with the USA and Russia, China is often considered one of the leading cyber-powers in the world. In this exerpt, we explore how Chinese military thought, developed in the 1990’s, influenced their cyber-operations in the early 2000’s. In particular, we examine the ideas of Unrestricted Warfare and Active Offense and discuss how they can permit for the theft of intellectual property.  We then specifically look at how the case study of Operation Aurora – a cyber-operation directed against many major U.S. technology and defense firms, reflects some of these ideas.

Over the past five years, the news media is seemingly littered with alleged Chinese cyber-incidents. These activities have included instances of theft of guarded scientific data,  monitoring of communication of the Dalai Lama, and theft of intellectual property from Google. In a testimony to the Congressional Armed Services Committee, General Keith Alexander, the commander of U.S. Cyber Command and head of the National Security Agency (NSA), stated that China is stealing a “great deal” of military-related intellectual property from the U.S. Clearly, cyber-espionage, which includes the theft of intellectual property, is already a key component of Chinese cyber-strategy.  The recently released report by the security firm Mandiant provides technical analysis leading to the conclusion that an organization within the People’s Liberation Army (Unit 61398) has been responsible for a great deal of cyber-espionage against English-speaking countries. In this paper, we highlight some of the relevant Chinese doctrine that we believe led to organizations like Unit 61398 and others.

++++

The activities of exfiltration, monitoring, and theft of digital information described here can be easily labeled as incidents of cyber-espionage. The apparent goal of this type of cyber-operation is not to take the computers offline or destroy the data that they contain but rather to capture data of the opposing force. This being the case, such activities could not be labeled as cyber-attacks, because the targeted systems and their data must remain intact in order to obtain the desired data. Hence, we can define cyber-espionage as the act of obtaining access to data from a computer system without the authorization of that system’s owner for intelligence collection purposes.

11:52 -- next

However, like incidents of computer network attack, these incidents of cyber-espionage too are notoriously difficult to attribute. What then, leads us to believe Chinese involvement in the cyber-espionage incidents? If attribution is so difficult, then why do these actions cause corporations like Google and Northrop Grumman, as well as high-level diplomats such as U.S. Secretary of State Hilary Clinton to issue strong statements against the Chinese government in the wake of such attacks? The issue lies in the origin of the incidents. Often computers involved with the theft of digital information are traced back to networks that are located on the Chinese mainland. Further, forensic analysis of malware from such incidents often indicates the use of Chinese-language software development tools. Though it is virtually impossible to implicate the government of the People’s Republic of China (PRC) in these cyber-espionage actions, the fact that they can be consistently traced to the Chinese mainland raises serious policy questions. Is the Chinese government conducting active investigations against the hackers, and what legal actions are they taking once hackers are identified? Is the Chinese government transparently sharing information of these supposed investigations with the victims of the cyber-espionage? What legal actions is Beijing taking to prevent individual hackers from attacking organizations outside of China? These questions must be given serious consideration in the wake of attempted cyber-espionage to when there is evidence of Chinese origin… [Click here to read the full except as a PDF]

Also note that this excerpt is also available in the Spanish language, courtesy of the U.S. Air Force.

Additional Reading from Elsevier Connect: China and Cyberwarfare — Insights from a Military Computer Scientist

About the Author:

Paulo Shakarian, Ph.D. is a Major in the U.S. Army and an Assistant Professor of Computer Science at the U.S. Military Academy (West Point) teaching classes on computer science and information technology as wells as conducting research on cyber-security, social networks, and artificial intelligence. He has written over twenty papers published in scientific and military journals. Relating to cyber-warfare, he has written the paper “Stuxnet: Cyberwar Revolution in Military Affairs” published in Small Wars Journal and “The 2008 Russian Cyber-Campaign Against Georgia” published in Military Review.

His scientific research has also been well received, featured in major news media such including The Economist and Nature. Previously, he has authored Geospatial Abduction: Principles and Practice published by Springer.

Paulo holds a Ph.D. and M.S. in computer science from the University of Maryland, College Park, a B.S. in computer science from West Point, and a Depth of Study in Information Assurance also from West Point. Paulo has served two combat tours in Operation Iraqi Freedom. His military awards include the Bronze Star, Meritorious Service Medal, Army Commendation Medal with Valor Device, and Combat Action Badge. Learn more about Paulo, at his website.

The opinions in this article are solely those of the author and do not necessarily reflect the opinions of the US Military Academy, the US Army or the Department of Defense.

***

計算機安全

華人與計算機:中國計算機網絡戰爭.

作者:Paulo Shakarian

出版日期:2013年7月31日

親愛的讀者,

我非常高興在 Elsevier 的新博客中寫一個關于網絡戰爭的介紹：我和我的妻子 Jana 還有我們的好朋友 Ruef通過一種綜合的研究方法來完成它。這本書的初衷是通過一系列的研究展現一個新的領域的戰爭網絡戰爭。我了解傳統軍事行動最常規、最有效的方式是通過軍事訓練-這就是為么會有如此多的書籍是關于歷史軍事的。Jana，Andrew 和我覺得網絡戰爭歷史上的其他戰爭一樣，所以我們希望這本書能夠填補這一空白。

許多人會問我們對于最近比較熱的關于中國從事網絡戰的新聞，特別是關于知識產權的盜竊。所以，在和 Elsevier 博客上的網友聊天時，我們想要回答一些關于這方面的問題-讓你了解這本新書。

下列的文章是介紹這本關于網絡戰爭的新書的摘錄：一種多學科的方法被Syngress公布，Elsevier 的版本說明。馬上訂購你的副本可以打3折！只要進入點擊‘SYNS30’就可以付款了。

華人與計算機：為什么知識產權盜竊和中國的網絡學說是兼容的。

作者：Paulo Shakarian, Jana Shakarian, and Andrew Ruef

摘要：繼美國和俄羅斯之后，中國通常被認為是世界上網絡權利的引領者之一。在本文中，我們探索中國軍方的想法，于20世紀90年×××發的，影響了他們21世紀初期的網絡操作。特別是，我們探究他們超限戰和主動進攻的想法，我們也討論了他們如何允許知識產權盜竊。我們之后特別關注極光行動的案列研究-一個網絡操作直接對抗了許多美國的權益，如：科學技術和辯護律師事務所，反映出一些這樣的思想。

過去五年里，一些新聞媒體報道了看似散落涉嫌中國的網絡事件。這些活動包括盜竊把守的科學數據的實例，監測達賴喇嘛的通信，盜竊谷歌的知識產權。在國會武裝部隊委員會的證詞中，基思·亞歷山大將軍，美國國家安全局網絡司令部(NSA)負責人。他指出中國從美國偷了‘許多’與軍事有關的知識產權。明確的網絡間諜活動，包括盜竊知識產權，這已經成為中國網絡策略的關鍵組成部分。最近安全公司Mandiant發布的報告提供了技術分析指向這個結論，一個組織隸屬于解放軍(61398 部隊)已經從事了大量的軍事間諜活動來對抗母語為英語的國家。本書，我們特別強調中國一些相應的學說，我們相信它導致了像61398部隊或其他類似的組織的出現。

滲出的活動，監聽，盜竊的數據信息，可以描述為一些能夠被很容易標記為實施網絡間諜活動的事故。他們明顯的目標不是讓計算機下線或摧毀計算機內的數據，而是捕獲他們的反對力量的數據。在這種情況下，這些活動不能被標記為網絡***，因為目標系統和它的數據必須保持完整為了獲取他們所需的數據。故，我們可以定義網絡間諜活動為：為了獲從計算機系統獲取數據而不經過計算機系統擁有者授權的收集情報的行為。

無論如何，像計算機網絡***事件，網絡間諜活動也一樣，眾所周知很難鑒定它的歸屬。那么，是什么導致我們相信中國參與網絡間諜活動？如果歸屬如此的困難，那么，為什么谷歌公司和諾斯羅普·格魯門公司，高級別外交官，例如美國國務卿希拉里·克林頓發出強硬的聲明譴責中國政府在喚醒在這些***？這個聲明羅列了事件起源，大多數計算機***事件涉及竊取數據信息通過網絡追蹤表明***源來自中國大陸。更近一步，通過分析這些***事件中的惡意軟件會發現這些軟件的開發工具是中文的。所以這幾乎不可能連累×××政府涉及網絡間諜活動，事實上他們可以始終追溯到中國大陸加重重的政治危機。中國政府在進行反***調查嗎，那么，什么樣法律的行為被確定為***所為？中國政府是否和網絡間諜活動的受害者透明共享應該調查的這些信息？什么法律行動將被北京采取采取防止中國以外的進攻組織的個別***？這些問題必須給予認真的考慮，原產于中國的證據表明在企圖喚醒網絡間諜活動。

同時也說明這些摘抄有來自西班牙的，有來自由美國空軍的。

其它閱讀鏈接：從軍事的計算機科學家眼中透視中國網絡戰。

關于作者：

Paulo Shakarian, Ph.D. 是一個美國陸軍少校和計算機科學助理教授，主要教授計算機科學與技術，同時也研究網絡安全、社交網絡和人工智能。他已經寫了超過20本書發表于科學和軍事刊物。涉及到網絡戰爭，他已經寫了名為《Stuxnet蠕蟲：網絡戰軍事事務革命》發表于小型戰爭報和《2008年俄羅斯對格魯吉亞的網絡活動》發表于軍事評論。

他科學的研究的到了很好的回報，特色在于各大新聞媒體包括經濟學家和自然的研究。先前，他撰寫地理空間：由Springer出版的原理與實踐。

Paulo holds a Ph.D. and M.S. 從事計算機科學，馬里蘭大學，學院公園，西點軍校的一個計算機科學理學士，深入研究信息安全保障。在“伊拉克自由行動”擔任兩個作戰旅的旅長，他的部隊得過包括:銅星獎章、榮譽獎章、軍隊嘉獎獎章和華爾萊科技設備和和作戰行動徽章。了解更多關于Paulo，請訪問他的網站。

在這篇文章中的觀點僅是作者，并不一定反映了美國軍事學院，美國陸軍或國防部的意見。