The Chinese cyberoffensive

The Chinese cyberoffensive

Britain’s intelligence agency MI5 has recently written to 300 companies in that country, warning them of a threat from Chinese hackers. That’s just the latest manifestation of a global worry—cyberattacks originating from Chinese computer networks.

Apart from the UK, the US, France and Germany have openly derided these attacks and have also taken the matter up with the Chinese government. Even a few strategic Indian government networks have faced the wrath of Chinese attacks. In mid-August, a couple of our defence websites were attacked and were propagating viruses.

China has denied any official involvement in these events. But there is enough evidence to suggest that many of these attacks have been part of a campaign of the Chinese institutional mechanism, which understands that cyberspace is going to be the future battle space. It will be a serious issue for the global community—and one that will have to be dealt with in the coming days.

Germany discovered Chinese espionage programs in computers in the chancellor’s office, the foreign ministry and a few other agencies. France witnessed and recorded attacks from Chinese networks on its government servers. The UK government detected infiltration by Chinese hackers into at least 10 Whitehall departments.

However, the most number of instances have been in the US, where Chinese attacks have been increasing in frequency and sophistication over the years. The most significant has been the attack on the Pentagon email system in June this year. Even the email of the defence secretary was crippled. There have been instances of the state department computers being hacked and added with trojans, attack on the naval warfare colleges and lots of regular distributed denial of service attacks.

In India, attacks from China-based addresses have surpassed those from Pakistani hackers, and their targets are the defence networks including the Defence Research and Development Organisation. Regular attacks and probing missions are launched on government servers, particularly those belonging to the National Informatics Centre, and also on the strategic national institutions. All these are part of the Chinese Vision 2050 of gaining “electronic dominance" globally.

While all such attacks definitely cannot be directly attributed to Chinese government networks, there are many instances where the role of the People’s Liberation Army (PLA) of China cannot be ruled out. The PLA documents that have made their way to the global community via Western intelligence sources have clearly outlined the growing importance to cyberwarfare tactics. These reports have outlined the growing support of the PLA to hacking groups and zealous individual Chinese sympathizers.

No doubt the US remains the primary target of Chinese designs, merely because of its defence and the embedded information technology (IT) prowess. India is also high on the radar because of its capacity to direct its future battlefield management techniques and weaponry systems using IT. The Chinese have watched India’s dominance in the global IT scenario over the years. And they have taken many steps to catch up—incentives for learning software, massive English training sessions, focus on low-cost outsourcing infrastructure and training of resources. A recent Organisation for Economic Co-operation and Development report has stated that the day is not far when China will catch up with India on the outsourcing bandwagon.

The Chinese focus on cyberspace is also quite interesting. On the one hand, it is trying its best to take on the advanced nations; on the other, it is throttling all forms of expressions by its citizens in cyberspace. Any content that is not to the liking of the ruling Communists is met with blocking and draconian punishment of the writer. Even Western companies adhere to the stringent norms set by the Chinese government for doing Internet-related business in China.

In other words, the Chinese establishment is trying to control cyberspace strategically—use it for offensive exercises and block it for citizens’ expressions. Can this be possible for a long time? Not necessarily, unlike in the physical world.

The massive pace of technological innovation will have its impact on China and already there are instances of many of the blocked content being available through proxy servers. Also, there could be technology available to Western powers to see through the Chinese cyberwarfare plans. Already, monitoring of online traffic has improved and it could be easily used to detect any major Chinese attack based on pattern recognition and traffic origination.

The fact remains that nations will be more aggressive in cyberspace in the years to come. The crippling of the Estonian networks in May by Russia-based groups has raised awareness in many nations about what could be a situation in the near future. As more and more of basic and strategic actions are shifting to the Internet globally, it hardly remains to be understood how vulnerable the medium is. While efforts among nations to harness a working model of Internet governance are still at a preliminary stage, the fear remains that unless a global code of conduct is set soon, this might spell danger with nations making the Internet the medium to probe, track and launch attacks on other nations.

The Indian government needs to address these concerns. Almost at the same time as these Chinese attacks, there has been also the instance of the Swedish hacker breaking into the email accounts of a few of our foreign missions. As usual, our national cyberspace agenda is reactive rather than proactive. A comprehensive critical information infrastructure protection policy is yet to be framed; the focus to look at cybersecurity from a national security standpoint is still far away; and the revised IT Act is yet to be passed by Parliament.

But, most importantly, the urge to be alert and prepared, with some basic awareness about cybersecurity, is still missing.

One only hopes that we do not await further Chinese attacks to be concerned about our national cyberpreparedness.

Subimal Bhattacharjee writes on cybersecurity policy issues. Comments are welcome at