Pierluigi Paganini April 09, 2012

When discuss on cyber warfare we cannot regardless of the role played by nations such as China, U.S. and Russia. In particular, the Beijing government has distinguished itself in recent years for two key aspects:

• the aggressive strategy cyber conduct towards foreign countries
• the country’s willingness to become independent from the technological

The second aspect is crucial and strongly correlated to the first, in recent years the technology push of the Asian country was disarming and it’s one of the principal reason for its success. Despite the situation inside the country presented considerable economic hardship in rural areas the central government has invested and encouraged private companies to invest in various capacities for develop and acquire technological know-how.

As I said the two aspects are highly correlated, China through private companies and groups of sponsored hackers have promoted several operations with the purpose of acquiring sensitive information on foreign technology projects, in more than one occasion has been conducting cyber espionage against companies and governments of other nations. An aggressive strategy that has not spared anyone, sometimes with devastating consequences for victims, as in the case of Nortel ended up in bankruptcy.
I would introduce the concept of strategy of espionage, concerted actions planned with meticulous attention against strategic objectives, innovative techniques of espionage that have introduced a massive use of malware to infect systems to spy on, the use of operations as a diversionary attacks DDoS to conceal other operations, the choice of auxiliary vulnerable targets such as contractors to access data from governments and government agencies.

China have done and is doing everything is possible to be independent from other countries like US and Japan for critical technologies, the espionage is just the dark side of the effort spent. The 2006 Medium to Long Term Plan on Science and Technology (MLP) announced

“Facts have proved that, in areas critical to the national economy and security, core technologies cannot be purchased.”

There is strong commitment to develop inside the country sensible technology to not give any kind of advantage to foreign industries. Let’s consider another crucial factor, the relative low cost of manufacturing in China has attracted several foreign companies and their production in the country giving to the nation a great advantage. In my opinion once the production is decentralized in other countries is utopic to try to maintain any secret.
Reduce costs is essential for a globalized business but is could be an high risk, a thriving business today could be transformed in future disaster due production secret exposure.

The MLP sets the goal of China becoming an “innovative nation” by 2020 and a “global scientific power” by 2050, the objectives are really ambitious but feasible in my opinion.

Looking into the future projection which scenario we should expect?

China’s growth in terms of technology and strengthening its presence in cyber space will no doubt to the increase in cyber operations against the nation itself. Many industry experts believe that due to imbalance between a cyber offence strategy so aggressive and its cyber defense policy could not be origin of significant technological problems for China.

China over the years has benefited from a surprise effect due to the lack of government information on cyber security and a lack of awareness of the cyber threats. Today the scenario has changed profoundly, every nation is striving for the establishment of a cyber appropriate strategy that can guarantee the security of the nation in terms of technology. In this context, offend and spying is certainly more complex than in the past and then what I think is the China will improve its defensive capabilities to preserve the knowledge acquired through years of hard work, research and espionage.

The rise of China and its consolidation may be hampered by a range of phenomena that I try to summarize in the following list:

• Counterintelligence activities against Chinese companies as an obvious consequence of the expansionist policy of China in the technology sector. Chinese companies will surely object cyber espionage campaigns no less aggressive than those made in previous years. Technological innovation will play a key role in this regard, for example the possibility of using Day 0 esploit in computing could make a difference.  Espionage will affect directly companies but also their final products and their users. The hack of a product distributed on a global scale would have devastating consequences.
• The pressure exerted by the phenomena of Hacktivism, which could absorb considerable energy on the technological front. The phenomenon is new, widespread and unpredictable growth. Groups like Anonymous have the proven ability to attack the main computing resources of the country, now confined to deface websites but in future they could steal and disclose classified information.
• The western approach to the Chinese was mainly driven by the will of the West to penetrate promising new markets. Any shift of the center of gravity in global economic might to collapse the Chinese economic model taking the leading companies in the country to deal with a history made of suspicious on state enterprises, an emblematic case of Huawei, China’s emerging technology superpower, has-been dogged by allegations it has close links to military intelligence, for this reason the ITS partnership with Symantec has been broken.
• The thrust of the new Chinese generation to full opening, characteristic of the Western life style, and that China has always rejects with any kind of censorship. The pressure is growing and will absorb more and more effort in terms of domestic politics.

These four components are the real challenge for the future of a country that has grown like no other …

Is China really ready?

Pierluigi Paganini