Cyber-warrior China opens new front against India
Brahma Chellaney
The Sunday Guardian, April 11, 2010
The detailed report released by a group of Canadian researchers on how a
China-based cyber spying ring has been systematically stealing top Indian
defence and security secrets for a number of months has spotlighted the growing
cyber threat India confronts. It is unlikely that the
hackers are private individuals with no links to the Chinese government. Private
individuals are unlikely to engage in systematic pilferage of defence secrets
of a rival country over an extended period.
Let’s be clear: The Chinese hackers are an irregular force of the People’s Liberation
Army. In war, this force will become the vanguard behind which the conventional
PLA divisions will take on India.
In other words, the regular PLA forces will wage war after the cyber
warriors have caused serious damage to the enemy’s ability to defend itself.
Cyberwarfare and cross-border terrorism are the two main
frontiers of asymmetrical warfare. In both, irregular or non-state actors are
employed by a state to wage attacks on another country. The sponsoring state
then feigns ignorance of the attacks carried out at its behest. Just as
Pakistan pretends Lashkar-e-Taiba is not its front against India, China claims
the Chengdu-based cyber ring is not its spying arm. In both cases, the enemy
hides behind a cover, underscoring the asymmetrical nature of the warfare.
With national security and
prosperity today dependent on the safekeeping of cyberspace, including the
virtual movement of finance and the flow of security data and other secrets,
cybercrime must be effectively countered as a priority.
The cyber threat from China is at two levels. The first is national, as is
manifest from the cyber attacks already carried out in recent years against
India’s National Informatics Centre (NIC) systems and the
ministry of external affairs. The previous national security adviser disclosed
that his own office computers had been hacked by the Chinese. The aim of such
attacks has been to engage in espionage and
also to overawe the Indian establishment.
By scanning and mapping India’s official computer systems, China
is able to both steal secrets and gain an asymmetrical advantage over its
rival. Intermittent cyber intrusion in peacetime allows China to read
the content and understand the relative importance of different Indian networks
so that in a war, it knows what to disable in order to inflict pain and
punishment.
The second type of cyber threat from China is aimed at the individual
level. Individual targets in India
range from the functionaries of the Tibetan government-in-exile and Tibetan
activists to Indian writers and others critical of China. The most common type of
intrusion is an attempt to hack into the e-mail
accounts of targeted individuals. Often the targets are subjected to
so-called Trojan horse attacks by e-mail that are intended to breach their
computers and allow the infiltrators to remotely remove, corrupt or transfer
files.
At a time when China-based
cyber attacks are ramping up in the world, U.S. Secretary of State Hillary
Clinton was right to recently declare that an attack on one nation’s computer
networks “can be an attack on all.” Singling out China for its Internet censorship,
Mrs. Clinton warned that “a new information curtain is descending across much
of the world.” Her statement’s Cold War undertones — likening the
“information curtain” to the Iron Curtain — amounted to an implicit admission
that the central assumption guiding U.S. policy on China
since the 1990s has gone awry: that assisting China’s economic rise would usher
in political opening there.
The strategy to use market forces and the Internet to open up a closed
political system simply isn’t working. Indeed, the more economic power China
has accumulated, the more adept it has become at extending censorship controls
to cyberspace. China deploys tens of thousands of “cyber police” who
block Web sites, patrol cyber-cafes, monitor the use of cellular phones and
track down Internet activists.
But the threat to countries like India comes not from what China
does domestically. Rather, it comes from the way the experience, information
and know-how gained in fashioning domestic cyber oversight are proving invaluable
to China in carrying out cyber intrusion across its frontiers.
The Canadian researchers, who had earlier
uncovered a vast Chinese surveillance system called “Ghostnet” that
could automatically scan overseas computer
networks and transfer documents to a digital storage facility in China,
have revealed in their latest report that the origin of the attacks against
Indian targets was Chengdu, which is also the headquarters of the PLA’s signal
intelligence (SIGINT) bureau. The Chengdu SIGINT station in China’s Sichuan
province is specifically tasked to monitor India.
Chinese hackers often try to camouflage the
point of origin of their attacks. They do so by routing their attacks through
the computers of a third country, like Taiwan
or Russia or Cuba.
Just as some Chinese pharmaceutical firms have exported to Africa spurious
medicines with a “Made in India” label — a fact admitted by Beijing
— some Chinese hackers are known to have routed their cyber intrusion through third
countries. But like their comrades in the pharmaceutical industry, such hackers
tend to leave telltale signs. The India-directed cyber ring
that has just been uncovered, however, was ensconced in China itself and openly
operating from there.
Despite its information-technology skills, India
lacks offensive or defensive capabilities in cyberwarfare. It has developed no
effective means to shield its cyber infrastructure from the pervasive attacks
that have been carried out in recent years in search of competitive
intelligence and to unnerve the Indian establishment.
India’s cyber vulnerability holds major
implications in a war situation. In peacetime, China is intimidating India
through intermittent cyber warfare, even as it steps up military pressure along
the Himalayan frontier. In a conflict, China could cripple major Indian
systems through cyber attacks. With cyber attacks against Indian government,
defence and commercial targets ramping up, the protection of sensitive computer
networks must become a major national-security priority.
One mode of asymmetrical warfare — Pakistan’s
unceasing export of terrorism — has long traumatized India. India should not allow
itself to get similarly battered on the new frontier of asymmetrical warfare China
has opened over the past five years. On both fronts, state actors are
employing non-state actors.
The costs for India to fight
two asymmetrical wars simultaneously will be high. India should treat the Canadian
report as a wake-up call to plug its vulnerabilities by developing appropriate
countermeasures. At the same time, it should have the capability to take the battle
to the enemy’s camp. Offence is often the best form of defence.