中國信息戰的基礎 Fundamentals of Chinese Information Warfare. LTCOL (RET) William Hagestad II, MSc Security Technologies, MSc Management of Technology. www.red-dragonrising.com


1 中國信息戰的基礎 Fundamentals of Chinese Information Warfare. LTCOL (RET) William Hagestad II, MSc Security Technologies, MSc Management of Technology. Red-DragonRising.com©

2 “21st Century Chinese Cyber Warfare” “二十一世紀中國網絡戰” ISBN:

3 中國信息戰的基礎
1. Credit where credit is due….
2. Current Cyber News….
3. People’s Republic of China “Informization”
4. Unrestricted Warfare…war without limits
5. Chinese Cyber Threat history
6. Conclusions
7. Questions

4 Masters of this domain…. Attribution where credit is due….
Dr. James Mulvenon, Vice President, Intelligence Division and Director, Center for Intelligence Research and Analysis, Defense Group, Inc.
Mark Stokes, Executive Director, Project 2049 Institute
Timothy Thomas, LTC US Army RET

5 Current China Cyber News
Chinese Firewall Maker, Hangzhou DPTech Technologies booted from Microsoft Sharing Program – 3 MAY 2012, SC Magazine
“US & the PRC must work to avoid cyber conflict” – SECDEF Panetta…8 MAY 2012 REUTERS
Huawei aims efforts at market leaders Cisco, HP et al….10 MAY 2012, Network Computing
PRC-Philippines Hacking War…10 MAY 2012 Council on Foreign Relations

6 Current China Cyber News
10 MAY 2012 Philippines News Agency (PNA), the Philippine government's news wire service, defaced by hackers suspected to be from China

7 Rules of Engagement (ROE)
1) Nothing is what it appears
2) 中國 literally means the middle kingdom
3) The People’s Liberation Army (中国人民解放军) controls everything
4) Capitalist economically, communism remains the political bedrock
5) ‘Keep your friends close but enemies closer’ ~ Sun Tzu
6) Mandarin Chinese an easy language – Brilliant Cryptography……
7) Kinetic military capability not yet fully developed
8) Numerology is important – 8th Route Army


9 Who is China?

10 Bottom Line Up Front (The BLUF)
1. The People’s Liberation Army (PLA) is pursuing the means to seize and occupy the “information high ground”;
2. The rapid development of a comprehensive C4ISR (Command, Control, Computers, Communications, Information, Surveillance & Reconnaissance) infrastructure is a focus of PLA efforts currently underway;
3. PLA is trying to unify disparate information systems to enable coordination between geographically dispersed units in order to attain near total situational awareness of the battlespace while limiting an adversary’s ability to do the same;
4. PLA is trying to reach information dominance early and to use it to enable and support other PLA operations throughout a conflict;
5. Tactical level employment of computer network attack (CNA) tools used with sufficient precision can achieve dramatic strategic outcomes with the potential to alter a campaign; conversely, as the PLA deploys more sophisticated information systems and grows increasingly reliant upon them for successful military operations, it must also protect itself from the same network vulnerabilities as its high-tech adversaries;
6. PLA is augmenting its developing computer network operations (CNO) capabilities by relying on inputs from China’s commercial IT industry, academia, and civilian and military research institutions;
7. Huawei, Zhongxing (ZTE), and Datang maintain relationships with the PRC government;
In summary - recent developments in Chinese computer network operations applications & research and development point to a nation fully engaged in leveraging all available resources to create a diverse, technically advanced ability to operate in cyberspace as another means of meeting military and civilian goals for national development. Computer network operations have assumed a strategic significance for the Chinese leadership that moves beyond solely military applications and is being broadly applied to assist with long term strategy for China’s national development.
Source: “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage” NORTHROP GRUMMAN March 7, 2012

11 Chinese Methodology?
Chinese web “bots” performing reconnaissance, gathering info on web content;
PRC “bots” so intrusive, servers scanned in order to determine server’s purpose and functions…
Majority of Internet traffic from the People’s Republic of China, and included both….
– Hits on servers (short pings on new servers); and,
– Detailed examination looking for ports or access points…

12 Chinese motivation?
Fear of 外國人 …foreigners….
Self-preservation and,
Hegemony (霸权)…..
– A perfect description of the Communist Party of China (CPC)…..implied power of the Chinese state subordinates every element of modern Chinese Society……including threats by….. Falun Gong…..Blind Dissidents…disaffected citizens….Regime Change

13 中國人民解放軍 (People’s Liberation Army) Information Warfare (IW)
“To achieve victory we must as far as possible make the enemy blind and deaf by sealing his eyes and ears, and drive his commanders to distraction by creating confusion in their minds.” 毛泽东 Mao Tse-Tung

14 Official Statement of Chinese IW
19 JUL 2010 – 解放军报 (PLA Daily) ‘ordered by President Hu Jintao to handle cyber threats as China enters the information age, and to strengthen the nation's cyber-infrastructure’
General Staff Directorate’s (GSD) Cyber Warfare ‘Princelings’:
General Zhang Qinsheng 章沁生
General Chen Bingde 陈炳德
General Ma Xiaotian 马晓天
Vice Admiral Sun Jianguo 孙建国
Major General Hou Shusen 侯树森
解放军报 (PLA Daily), July 19, 2010; [Online] Available at:

15 PLA Cyber Tacticians
Major General Hu Xiaofeng, Deputy Director, National Defense University, Department of Information Warfare and Training Command
Professor Meng Xiangqing, National Defense University Institute for Strategic Studies
黑暗訪問者 (The Dark Visitor), 2009; [Online] Available at:
“Goal is to achieve a strategic objective”
“You have to meet my political conditions or your government will be toppled, or you promise to meet some of my political conditions.”

16 中国人民解放军信息保障基地 (PLA Information Assurance Base)

17 制信息权 Information Dominance….. Precise attack vectors of 制信息权
1) planting information mines
2) conducting information reconnaissance
3) changing network data
4) releasing information bombs
5) dumping information garbage
6) disseminating propaganda
7) applying information deception
8) releasing clone information
9) organizing information defense
10) establishing network spy stations
Source: Richard A. Clarke and Robert K. Knake, Cyber War. The Next Threat to National Security and What to Do about It, New York, HarperCollins Publishers 2010, pp. 47 – 64

18 Eight Pillars of Chinese Warfare (超限战): 8 Principles of “beyond-limits combined war” in Unrestricted Warfare
1) Omnidirectionality
2) Synchrony
3) Limited objectives
4) Unlimited measures
5) Asymmetry
6) Minimal consumption
7) Multidimensional coordination
8) Adjustment and control of the entire process
Source: Unrestricted Warfare, Qiao Liang and Wang Xiangsui, Beijing: PLA Literature and Arts Publishing House, February 1999 (Simplified Mandarin Chinese version)

19 Tell me more about these Chinese hackers….

20 中國共產黨 - CPC
Codified cyber warfare in 2010
“protect national infrastructure from external cyber threats” – President Hu Jintao
President Hu’s successor Xi Jinping ….
CPC + PLA x information technology superiority = China’s worldwide dominance

21 人民解放军 - PLA
500 BC Sun-Tzu’s Art of War – basis
Sun Ping’s Military Methods
Major General Wang Pufeng – founding father of Chinese Information Warfare (IW)
1999 War Without Limits – PLAAF Senior Colonels Qiao Liang & Wang Xiangsui
PLA's IW strategy spearheaded by Major General Dai Qingmin

22 國有企業 – State Owned Enterprises
China Telecom – owned by the CPC, operated by the PLA
NOT Huawei – owned by former PLA officer, direct links to the PLA however NOT the CPC
ZTE – based in Shenzhen, Guangdong Province
China Petroleum & Chemical Corp
SinoChem
China National Petroleum Corp
China National Pharmaceutical Group

23 黑客 - Hacktivists
Originally supported by CPC & PLA
– Now uncontrollable….Golden Shield Project
Reinforce PRC’s nationalism via the web
– Taiwan, the renegade Chinese Province
– Punishing Japan for WWII war crimes
– Codera’s anti-Chinese web rhetoric


25 Chinese Perspective….
16 AUG People’s Tribune Magazine (人民论坛杂志) publishes several articles…
Four are very troublesome for the U.S…….
– “A Sovereign Country Must Have Strong Defense” by Min Dahong, director of the Network & Digital Media Research China Academy of Social Sciences;
– “America’s ‘Pandora’s Box’ Cyber Strategy Confuses the World” by Shen Yi - Fudan University’s Department of International Politics;
– “Cyber Power ‘Shuffles the Cards’: How China Can Overtake the Competition” by Tang Lan, Institute of Information and Social Development Studies at the China Institute of Contemporary International Relations; and
– “How to Construct China’s Cyber Defenses” by Liu Zengliang, from the PLA National Defense University

26 13+ Years Chinese Cyber Activity
1995 – Major General Wang Pufeng describes attacking via Internet
1997 – Major General Wang Baocun’s 10 Features of Chinese InfoWar
1997 – “War Beyond Limits” (Unrestricted Warfare) is written by 2 Senior Chinese Colonels
May 03, 2001 – China warns of massive hack attacks
“informatization” 信息化 campaign begins – Chinese Communist Party (CCP) General Secretary and Central Military Commission (CMC) Chairman Jiang Zemin, a speech before the 16th Party Congress
Titan Rain 泰坦雨 – US DoD & Government websites targeted
2004 – Japan targeted by Chinese over disputed Diaoyu Islands
2007 – GhostNet 幽灵网 – Global CnC network with IP addresses in People’s Republic of China
2008 – Byzantine Hades - targeted cyber operations against the U.S. government using social engineering and malicious attachments and links in messages.
MI5 writes to more than 300 senior executives at banks, accountants and legal firms warning them - the Chinese army is using Internet spyware to steal confidential information
Operation Aurora 操作极光 – International Energy Industry targeted
2009 – Night Dragon 夜龙 – Global multinationals attacked via Internet
2010 – Article - Should we be afraid of Chinese hackers?...Or lost cyber war?
US needs to get better at preventing foreign access to advanced technology - GAO watchdogs find holes in high-tech access, licensing rules
2011 – Chinese military CCTV-7 demonstrates GUI Hacking of University of Alabama
2011 – Office of the National Counterintelligence Executive (ONCIX) Report indicates both China & Russia target corporate intellectual property
2011 – Operation Shady RAT – FIVE year campaign of economic & intelligence data exfiltration
“Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage” NORTHROP GRUMMAN March 7, 2012
2012 – Chinese Technology Policy & Cyber Offensive Operations - April
2012 – China & Philippines engage in mutual cyber attacks over Scarborough Shoals - April

27 Conclusions
1) Hegemony drives the use of information warfare in the cyber realm;
2) Cyber-warfare is state sponsored; yet direct attribution is an illusion….
3) People’s Liberation Army plans cyber-warfare – defensively & offensively;
4) Cultural, economic, historical & linguistic thread drives Chinese cyber-warfare;
5) The CPC, although advocating citizen hacking, can no longer control it;
6) Commercial enterprises worldwide are permeable to Chinese cyber hacking in all its forms & methods – Nortel Case Study;
7) Chinese written malware, RATs, Botnets are undiscoverable….
8) Mandarin Chinese (complex and simple) is an exceptional form of cryptography…not to mention Classical / Literary Chinese….
9) All commercial IPS are ineffective against Chinese based attacks;
10) People’s Republic of China cyber-warfare threat is serious & will only become much worse…..
11) Diplomatic initiatives with a show of U.S. military force in ASIA PAC…only option?

28 Short & Long Term Moves
Short & Long Term Focus on addressing high risks of the Chinese Cyber Threat
BS = Business Strategy; CS = Corporate Strategy; IS = Innovation Strategy; GS = Government Strategy

Strategy/Move: BS, CS, IS & GS - Define specific Economic Targets
Who: US Dept of Commerce – International Undersecretary
What/Why: What are most likely targets of economic espionage
How: Work with commercial industry to assist defining possible loss of business if they lost their intellectual property to China
When: Immediately, then quarterly
Cost: Minimal

Strategy/Move: BS, CS & GS – Educate employees about possibility of data exfiltration
Who: Business & Corporate leadership – Chief Security Officers
What/Why: Awareness of persistent threat of economical cyber war
How: Design educational awareness programs to address identifying, reporting and mitigating foreign information exfiltration threats
When: Immediately, then monthly
Cost: Nominal

Strategy/Move: BS, CS & IS – Create a universal defense-in-depth policy
Who: ICW security software & hardware manufacturers
What/Why: Protect critical infrastructure against Chinese Cyber Threats
How: Design a defense-in-depth standard that protects Critical Economic & National Infrastructure
When: Immediately, then ongoing
Cost: Nominal to very expensive

Strategy/Move: GS – Liaise & dialogue w/Chinese Government
Who: US Department of State, Department of Defense, USAID
What/Why: Mutual understanding of the cyber threat – define it
How: Develop official dialogue to define, explain and set conditions for defining the cyber threat mutually
When: Immediately, then quarterly and semi-annually
Cost: Nominal

29 References
1) Cyber Silhouettes: Shadows Over Information Operations, Timothy Thomas, Foreign Military Studies Office (FMSO), Fort Leavenworth, Kansas
2) Decoding the Virtual Dragon, Timothy Thomas, Foreign Military Studies Office (FMSO), Fort Leavenworth, Kansas
3) The Chinese People’s Liberation Army Signals Intelligence and Cyber Reconnaissance Infrastructure, Mark A. Stokes, Jenny Lin and L.C. Russell Hsiao, Project 2049 Institute

30 “21st Century Chinese Cyber Warfare” “二十一世紀中國網絡戰” Available : ISBN:

31 Thank you. Thank you for your time today. Any questions?
