[LINK] China's Cyber Warfare Capabilities

Tom Worthington tom.worthington at tomw.net.au
Mon Nov 7 08:35:23 AEDT 2011


On 04/11/11 15:54, stephen at melbpc.org.au wrote:
> Perhaps of interest ..
>
> China's Cyber Warfare Capabilities Desmond Ball, Security Challenges
> http://www.securitychallenges.org.au/ArticlePDFs/vol7no2Ball.pdf> ...
>
> ... it is often very difficult to determine whether these attacks have originated with official agencies or private ‘Netizens’ ...

The issue of how to identify and respond to cyber-attack is discussed at 
length in "Cyberdeterrence and Cyberwar", by Martin C. Libicki (RAND 
Corporation, 2009): 
http://blog.tomw.net.au/2009/10/cyberdeterrence-and-cyberwar.html

Cyber-warfare like other forms of irregular warfare, where it is 
difficult to work out who is responsible for an attack. Under the Bush 
doctrine "Either you are with us, or you are with the terrorists.": an 
attack by individuals my be treated as attack by the country they are 
based: 
http://en.wikipedia.org/wiki/Bush_Doctrine#Attacking_countries_that_harbor_terrorists

One difficulty is in an effective military response to a diffuse 
cyber-attack. The USA is still preparing its "Doctrine to Establish 
Rules of Engagement Against Cyber Attacks": 
http://www.defense.gov/news/newsarticle.aspx?id=65739

Retaliation in kind for cyber attacks is unlikely to be effective. Even 
where cyber retaliation inflicts damage, that damage may not be apparent 
to the government or the people of the country attacked (or apparent to 
the world media). Israel's government yesterday denied its security 
agency web sites were hacked: "Israeli Websites Down in 'Technical 
Malfunction'" (ABC News, 6 November 2011): 
http://abcnews.go.com/International/wireStory/israeli-websites-technical-malfunction-14893107#.Trb4r0BBu5k

There are some relatively simple measures to combat on-line attack. As 
an example, having personnel on duty to deal with the issue and having 
help with threats provided via the web.

The report "Alert and Ready: An Organizational Design Assessment of 
Marine Corps Intelligence" from the RAND Corporation pointed out that 
the US Marine Corp did not have a 24 hour a day intelligence service. 
The staff at headquarters in Quantico went home at the end of the day, 
leaving no one to answer the phone. Also deficiencies in their the web 
site design meant customers went elsewhere for information: 
http://blog.tomw.net.au/2011/11/role-of-web-in-us-marine-intelligence.html

Some of the US based reporting on China's threat are a little 
sensationalist, such as The book "Tiger Trap: America's Secret Spy War 
with China" by David Wise (Houghton Mifflin Harcourt, 2011): 
http://blog.tomw.net.au/2011/11/tiger-trap-americas-secret-spy-war-with.html

> ... pre-emptive strategy ... cyber-warfare capabilities are
> unleashed atthe very outset of prospective conflicts ...

Use of electronic warfare at the start of hostilities has been routine 
since the development of the telegraph. There seems no reason to believe 
that this same practice would not be followed in cyberspace.

One aspect which has made parties less willing to attack electronic 
systems in modern symmetric conflicts is that they may be sharing the 
same infrastructure. There is no point in taking out the global IT 
systems if you cripple your own military, and perhaps control over your 
own country, in the process. As an example, it is likely that both sides 
to a conflict will be using the same satellites for navigation and 
communications. Either side could disable the service and so the 
question is who has more to be lost?

ps: Another stalwart of Australian strategic thinking is speaking in 
Canberra on Monday: "Why did we get the collapse of the USSR so wrong?" 
by Professor Paul Dibb, ANU 6:3opm. If I get the chance I will ask him 
about China: http://billboard.anu.edu.au/event_view.asp?id=83642


-- 
Tom Worthington FACS CP, TomW Communications Pty Ltd. t: 0419496150
PO Box 13, Belconnen ACT 2617, Australia  http://www.tomw.net.au
Liability limited by a scheme approved under Professional Standards 
Legislation

Adjunct Senior Lecturer, Research School of Computer Science,
Australian National University http://cs.anu.edu.au/courses/COMP7310/



More information about the Link mailing list