After US cyber revelations, China looks inwards

China polices its internet through a variety of means. It blocks western websites like Facebook, Twitter, Youtube and now even Google. It keeps a sharp watch and censors what appears on its Internet. The “great firewall” of China employs a variety of tactics to censor the Internet and block access to foreign content. The technique is not to block individual websites, but to scan URLs and web page content and blacklist keywords that are deemed inconvenient.

The massive disclosure of National Security Agency (NSA) documents on US electronic spying on various countries, including China, has only given an added rationale to the Chinese policy. Among the more damaging documents leaked by Snowden and published in The Guardian on June 7, 2013, was the 18-page Presidential Policy Directive 20, issued in October 2012, which called for Offensive Cyber Effects Operations (OCEO) against potential overseas targets. The OCEO, the directive said, “can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging”.

China has been cracking down on US companies for a while and the pressure has intensified after revelations that many of them have collaborated with the NSA to spy on the Internet. Google is virtually persona non grata in China now, as are Facebook, YouTube and Twitter. China is also alarmed at reports that the Americans have managed to plant “trapdoors” to get into the networks of Huawei, which is itself often accused of doing so on behalf of Chinese agencies. As a result, China is removing Cisco routers and planning to remove US-made servers from its banking system.

The National Computer Network Emergency Response Technical Team /Coordination Center (CNCERT), their equivalent of our CERT-IN, said in a report in March that nearly 2,000 government websites were tampered with in 2012. 73,000 foreign IP addresses were used to hijack 14.2 million mainframes in the country with Trojans or Botnets, with the United States being the largest source of such hacking activities. They also charged the US with being the source of 83.2 per cent of the servers used for phishing attacks on China.

Earlier China used to avoid naming the US as an originator of cyber-attacks, but after the indictment of five Chinese officers in May 2014 and the Snowden revelations, they have changed their position. A Xinhua commentary after the officers were charged called the US the “biggest cyber bully” and added that “China is in fact a major victim of persistent and large-scale cyber attacks from the U.S.” and that “allegations of rampant U.S. electronic espionage have unfolded on a global scale in the wake of damaging revelations by former NSA contractor Edward Snowden.”

The Chinese have been alive to the enormous pluses and minuses associated with the cyberspace. A measure of this is the fact that following the 3rd Plenum, a decision was taken to set up a new leading small group, a Chinese leadership device akin to the Indian empowered group of ministers (EGOM), dealing with cybersecurity and internet issues. What was remarkable was that the party boss and president Xi Jinping himself was designated head of the central Internet security and informatization leading group when it was constituted in February 2014. Two of his top aides-Premier Le Keqiang and Liu Yunshan- both members of the top-most Politburo Standing Committee were also designated members of the group.

Calling on China to become a “cyber power”, Xi explained that the work of the group was to lead and coordinate Internet security and informatization work among different sectors, as well as draft national strategies, development plans and major policies in this field. He said that the Chinese aim was to develop its Internet, as well as ensure its security.

The very Chinese academic institutions that are accused of cyber attacks by the west– the Cyberwarfare Laboratory & Network Attack and Defense Laboratory of the People’s Public Security University in Beijing or the Information Network Attack and Defense Research Centre of Wuhan University, Sichuan University’s Institute of Information Security, Shanghai Jiaotong University’s School of Information Security, as well as various companies like Beijing Xipu Technological Co-are the ones used to develop cyber defences. In June this year, the PLA announced the establishment of the Cyberspace Strategic Intelligence Research Center which would be their premier resource for Internet intelligence and information security.

More recently, Beijing has announced a shift away from Microsoft products, having banned Windows 8 for government systems. But it is not clear whether the decision is related to purely commercial issues or security. Microsoft’s announcement in April 2014 that it would stop providing security updates for Windows XP has created consternation in China where 70 per cent of PCs run on the system. In any case many of these were pirated and never got any updates, and all of them are now vulnerable for exploitation. In the interim, Chinese companies like Qihoo have announced that they will develop and distribute for free security shields for the XP systems.

In July, there were surprise raids in the offices of Microsoft in four cities across China. The investigators-officers from the State Administration for Industry & Commerce-seized documents and computers saying they were investigating anti-monopoly charges. They said they were trying to find out how Microsoft bundles software together and about some of its security features. However, it is not clear whether this was linked to the Snowden’s revelations that Microsoft was perhaps the most cooperative US tech giant with the NSA.

China is now leading a shift away from western systems. China’s state-run Science and Technology Daily reported on July 29 that key industries are shifting to more secure, indigenously produced networks and operating system software to prevent NSA cyber spying.

The state-run Shuguang Co. has deployed software aimed at “safeguarding national security information systems,” the report said. Science and Technology Daily is the official publication of the Chinese Academy of Sciences’ State Science and Technology Commission, and the State Administration of Science, Technology and Industry for National Defense, which runs China’s military and defense industry and also conducts foreign economic spying.

The report said Shuguang recently designed a new independent and secure computing system to safeguard national security information systems. Specifically, Shuguang’s secure Longteng server was developed over 11 years, and is now in its fourth generation. It uses what is called the “Loongson” central processing unit, and firewall and virtual network gateway software.

Shuguang software is used in government and industry, including the energy sector, research and development, national defense and cloud computing.

Beijing is encouraging the development of apps like WeChat which will use systems that are Chinese developed and physically located in China. Indeed, the government is backing the global spread of its search engines like Baidu. Indeed, the revelations may be spurring moves to propel China itself to emerge as a major software power in the world.

The US and China are trying to achieve a modus vivendi in relation to cyber security. The issue has been discussed in high level meetings, including the Obama- Xi summit in Sunnylands in 2012, and a US-China Cyber Working Group set up in 2011. The US Department of Defense had made public its Strategy for Operating in Cyberspace as an effort in promoting transparency.

In Beijing earlier this year during talks with his Chinese counterparts, US Defense Secretary Chuck Hagel had his officials lay out a briefing on US cyber capabilities, including their command and control structures and policies regarding red lines and escalation in the network domain. The Chinese have disdained from any formal response or attempt at transparency. It was in the wake of this that the US, in an unprecedented move in May this year, charged five officers in the People’s Liberation Army (PLA) with crimes related to cyber espionage directed six American victims in the U.S. nuclear power, metals and solar products industries. The officers are identified as Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, associated with the PLA’s Unit 61398. Predictably, the Chinese denied the charge with their official statement noting “The Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cyber theft of trade secrets.”

After the damaging Snowden revelations, the Chinese could not be expected to take US statements at face value. Anyway, according to one analyst, “On a theoretical level, PLA academicians believe that the network domain is offense-dominant by its nature due to the difficulty of attack attribution, the ongoing inadequacy of defensive technologies and the potential for adversaries to launch attacks that are high-speed, large-scale and low-cost.” This means that the realists in Beijing are unlikely to take efforts to moderate the cyber cold war in any significant fashion, at least in the near term.

The views expressed in this article are solely those of the author.
Courtesy: ORF

Author Profile

India Writes Network: India Writes Network (www.indiawrites.org) is an emerging think tank and a media-publishing company focused on international affairs & the India Story. Centre for Global India Insights is the research arm of India Writes Network. To subscribe to India and the World, write to editor@indiawrites.org. A venture of TGII Media Private Limited, a leading media, publishing and consultancy company, IWN has carved a niche for balanced and exhaustive reporting and analysis of international affairs. Eminent personalities, politicians, diplomats, authors, strategy gurus and news-makers have contributed to India Writes Network, as also “India and the World,” a magazine focused on global affairs.