China cyber-warfare translation

Computer Security

The Dragon and the Computer: Chinese Cyber-Warfare

By: Paulo Shakarian, Posted on: July 31, 2013 Comments: 0

Dear Readers,

I’m happy to be writing for Elsevier’s new blog to introduce the book Introduction to Cyber-Warfare: A Multidisciplinary Approach that I wrote with my wife Jana and our good friend Andrew Ruef.  The book is designed to introduce the reader to this new domain of warfare through a series of case studies. This is much the way I learned about conventional military operations through my military training – and why there are so many good books on military history.  Jana, Andrew, and I felt that there should be a similar “military history” for cyber-war – so we hope this can help fill that void.

Many people have asked us what we thought about In the light of recent news stories about China engaging in cyber-warfare, particularly regarding intellectual property theft.  So, in talking with the good folks at Elsevier, we want answer some of those questions -  while giving you a taste of this new book.

The following article is an excerpt from the new book Introduction to Cyber-Warfare: A Multidisciplinary Approach published by Syngress, an imprint of Elsevier. Order your copy now and save 30%! Just enter discount code “SYN30” at checkout.

The Dragon and the Computer: Why Intellectual Property Theft is Compatible with Chinese Cyber-Warfare Doctrine

By Paulo Shakarian, Jana Shakarian, and Andrew Ruef

Abstract: Along with the USA and Russia, China is often considered one of the leading cyber-powers in the world. In this exerpt, we explore how Chinese military thought, developed in the 1990’s, influenced their cyber-operations in the early 2000’s. In particular, we examine the ideas of Unrestricted Warfare and Active Offense and discuss how they can permit for the theft of intellectual property.  We then specifically look at how the case study of Operation Aurora – a cyber-operation directed against many major U.S. technology and defense firms, reflects some of these ideas.

Over the past five years, the news media is seemingly littered with alleged Chinese cyber-incidents. These activities have included instances of theft of guarded scientific data,  monitoring of communication of the Dalai Lama, and theft of intellectual property from Google. In a testimony to the Congressional Armed Services Committee, General Keith Alexander, the commander of U.S. Cyber Command and head of the National Security Agency (NSA), stated that China is stealing a “great deal” of military-related intellectual property from the U.S. Clearly, cyber-espionage, which includes the theft of intellectual property, is already a key component of Chinese cyber-strategy.  The recently released report by the security firm Mandiant provides technical analysis leading to the conclusion that an organization within the People’s Liberation Army (Unit 61398) has been responsible for a great deal of cyber-espionage against English-speaking countries. In this paper, we highlight some of the relevant Chinese doctrine that we believe led to organizations like Unit 61398 and others.

++++

The activities of exfiltration, monitoring, and theft of digital information described here can be easily labeled as incidents of cyber-espionage. The apparent goal of this type of cyber-operation is not to take the computers offline or destroy the data that they contain but rather to capture data of the opposing force. This being the case, such activities could not be labeled as cyber-attacks, because the targeted systems and their data must remain intact in order to obtain the desired data. Hence, we can define cyber-espionage as the act of obtaining access to data from a computer system without the authorization of that system’s owner for intelligence collection purposes.

11:52 -- next

However, like incidents of computer network attack, these incidents of cyber-espionage too are notoriously difficult to attribute. What then, leads us to believe Chinese involvement in the cyber-espionage incidents? If attribution is so difficult, then why do these actions cause corporations like Google and Northrop Grumman, as well as high-level diplomats such as U.S. Secretary of State Hilary Clinton to issue strong statements against the Chinese government in the wake of such attacks? The issue lies in the origin of the incidents. Often computers involved with the theft of digital information are traced back to networks that are located on the Chinese mainland. Further, forensic analysis of malware from such incidents often indicates the use of Chinese-language software development tools. Though it is virtually impossible to implicate the government of the People’s Republic of China (PRC) in these cyber-espionage actions, the fact that they can be consistently traced to the Chinese mainland raises serious policy questions. Is the Chinese government conducting active investigations against the hackers, and what legal actions are they taking once hackers are identified? Is the Chinese government transparently sharing information of these supposed investigations with the victims of the cyber-espionage? What legal actions is Beijing taking to prevent individual hackers from attacking organizations outside of China? These questions must be given serious consideration in the wake of attempted cyber-espionage to when there is evidence of Chinese origin… [Click here to read the full except as a PDF]

Also note that this excerpt is also available in the Spanish language, courtesy of the U.S. Air Force.

Additional Reading from Elsevier Connect: China and Cyberwarfare — Insights from a Military Computer Scientist

About the Author:

Paulo Shakarian, Ph.D. is a Major in the U.S. Army and an Assistant Professor of Computer Science at the U.S. Military Academy (West Point) teaching classes on computer science and information technology as wells as conducting research on cyber-security, social networks, and artificial intelligence. He has written over twenty papers published in scientific and military journals. Relating to cyber-warfare, he has written the paper “Stuxnet: Cyberwar Revolution in Military Affairs” published in Small Wars Journal and “The 2008 Russian Cyber-Campaign Against Georgia” published in Military Review.

His scientific research has also been well received, featured in major news media such including The Economist and Nature. Previously, he has authored Geospatial Abduction: Principles and Practice published by Springer.

Paulo holds a Ph.D. and M.S. in computer science from the University of Maryland, College Park, a B.S. in computer science from West Point, and a Depth of Study in Information Assurance also from West Point. Paulo has served two combat tours in Operation Iraqi Freedom. His military awards include the Bronze Star, Meritorious Service Medal, Army Commendation Medal with Valor Device, and Combat Action Badge. Learn more about Paulo, at his website.

The opinions in this article are solely those of the author and do not necessarily reflect the opinions of the US Military Academy, the US Army or the Department of Defense.

***

計(jì)算機(jī)安全

華人與計(jì)算機(jī):中國(guó)計(jì)算機(jī)網(wǎng)絡(luò)戰(zhàn)爭(zhēng).

作者:Paulo Shakarian

出版日期:2013年7月31日

親愛(ài)的讀者,

我非常高興在 Elsevier 的新博客中寫一個(gè)關(guān)于網(wǎng)絡(luò)戰(zhàn)爭(zhēng)的介紹：我和我的妻子 Jana 還有我們的好朋友 Ruef通過(guò)一種綜合的研究方法來(lái)完成它。這本書(shū)的初衷是通過(guò)一系列的研究展現(xiàn)一個(gè)新的領(lǐng)域的戰(zhàn)爭(zhēng)網(wǎng)絡(luò)戰(zhàn)爭(zhēng)。我了解傳統(tǒng)軍事行動(dòng)最常規(guī)、最有效的方式是通過(guò)軍事訓(xùn)練-這就是為么會(huì)有如此多的書(shū)籍是關(guān)于歷史軍事的。Jana，Andrew 和我覺(jué)得網(wǎng)絡(luò)戰(zhàn)爭(zhēng)歷史上的其他戰(zhàn)爭(zhēng)一樣，所以我們希望這本書(shū)能夠填補(bǔ)這一空白。

許多人會(huì)問(wèn)我們對(duì)于最近比較熱的關(guān)于中國(guó)從事網(wǎng)絡(luò)戰(zhàn)的新聞，特別是關(guān)于知識(shí)產(chǎn)權(quán)的盜竊。所以，在和 Elsevier 博客上的網(wǎng)友聊天時(shí)，我們想要回答一些關(guān)于這方面的問(wèn)題-讓你了解這本新書(shū)。

下列的文章是介紹這本關(guān)于網(wǎng)絡(luò)戰(zhàn)爭(zhēng)的新書(shū)的摘錄：一種多學(xué)科的方法被Syngress公布，Elsevier 的版本說(shuō)明。馬上訂購(gòu)你的副本可以打3折！只要進(jìn)入點(diǎn)擊‘SYNS30’就可以付款了。

華人與計(jì)算機(jī)：為什么知識(shí)產(chǎn)權(quán)盜竊和中國(guó)的網(wǎng)絡(luò)學(xué)說(shuō)是兼容的。

作者：Paulo Shakarian, Jana Shakarian, and Andrew Ruef

摘要：繼美國(guó)和俄羅斯之后，中國(guó)通常被認(rèn)為是世界上網(wǎng)絡(luò)權(quán)利的引領(lǐng)者之一。在本文中，我們探索中國(guó)軍方的想法，于20世紀(jì)90年×××發(fā)的，影響了他們21世紀(jì)初期的網(wǎng)絡(luò)操作。特別是，我們探究他們超限戰(zhàn)和主動(dòng)進(jìn)攻的想法，我們也討論了他們?nèi)绾卧试S知識(shí)產(chǎn)權(quán)盜竊。我們之后特別關(guān)注極光行動(dòng)的案列研究-一個(gè)網(wǎng)絡(luò)操作直接對(duì)抗了許多美國(guó)的權(quán)益，如：科學(xué)技術(shù)和辯護(hù)律師事務(wù)所，反映出一些這樣的思想。

過(guò)去五年里，一些新聞媒體報(bào)道了看似散落涉嫌中國(guó)的網(wǎng)絡(luò)事件。這些活動(dòng)包括盜竊把守的科學(xué)數(shù)據(jù)的實(shí)例，監(jiān)測(cè)達(dá)賴?yán)锏耐ㄐ?，盜竊谷歌的知識(shí)產(chǎn)權(quán)。在國(guó)會(huì)武裝部隊(duì)委員會(huì)的證詞中，基思·亞歷山大將軍，美國(guó)國(guó)家安全局網(wǎng)絡(luò)司令部(NSA)負(fù)責(zé)人。他指出中國(guó)從美國(guó)偷了‘許多’與軍事有關(guān)的知識(shí)產(chǎn)權(quán)。明確的網(wǎng)絡(luò)間諜活動(dòng)，包括盜竊知識(shí)產(chǎn)權(quán)，這已經(jīng)成為中國(guó)網(wǎng)絡(luò)策略的關(guān)鍵組成部分。最近安全公司Mandiant發(fā)布的報(bào)告提供了技術(shù)分析指向這個(gè)結(jié)論，一個(gè)組織隸屬于解放軍(61398 部隊(duì))已經(jīng)從事了大量的軍事間諜活動(dòng)來(lái)對(duì)抗母語(yǔ)為英語(yǔ)的國(guó)家。本書(shū)，我們特別強(qiáng)調(diào)中國(guó)一些相應(yīng)的學(xué)說(shuō)，我們相信它導(dǎo)致了像61398部隊(duì)或其他類似的組織的出現(xiàn)。

滲出的活動(dòng)，監(jiān)聽(tīng)，盜竊的數(shù)據(jù)信息，可以描述為一些能夠被很容易標(biāo)記為實(shí)施網(wǎng)絡(luò)間諜活動(dòng)的事故。他們明顯的目標(biāo)不是讓計(jì)算機(jī)下線或摧毀計(jì)算機(jī)內(nèi)的數(shù)據(jù)，而是捕獲他們的反對(duì)力量的數(shù)據(jù)。在這種情況下，這些活動(dòng)不能被標(biāo)記為網(wǎng)絡(luò)***，因?yàn)槟繕?biāo)系統(tǒng)和它的數(shù)據(jù)必須保持完整為了獲取他們所需的數(shù)據(jù)。故，我們可以定義網(wǎng)絡(luò)間諜活動(dòng)為：為了獲從計(jì)算機(jī)系統(tǒng)獲取數(shù)據(jù)而不經(jīng)過(guò)計(jì)算機(jī)系統(tǒng)擁有者授權(quán)的收集情報(bào)的行為。

無(wú)論如何，像計(jì)算機(jī)網(wǎng)絡(luò)***事件，網(wǎng)絡(luò)間諜活動(dòng)也一樣，眾所周知很難鑒定它的歸屬。那么，是什么導(dǎo)致我們相信中國(guó)參與網(wǎng)絡(luò)間諜活動(dòng)？如果歸屬如此的困難，那么，為什么谷歌公司和諾斯羅普·格魯門公司，高級(jí)別外交官，例如美國(guó)國(guó)務(wù)卿希拉里·克林頓發(fā)出強(qiáng)硬的聲明譴責(zé)中國(guó)政府在喚醒在這些***？這個(gè)聲明羅列了事件起源，大多數(shù)計(jì)算機(jī)***事件涉及竊取數(shù)據(jù)信息通過(guò)網(wǎng)絡(luò)追蹤表明***源來(lái)自中國(guó)大陸。更近一步，通過(guò)分析這些***事件中的惡意軟件會(huì)發(fā)現(xiàn)這些軟件的開(kāi)發(fā)工具是中文的。所以這幾乎不可能連累×××政府涉及網(wǎng)絡(luò)間諜活動(dòng)，事實(shí)上他們可以始終追溯到中國(guó)大陸加重重的政治危機(jī)。中國(guó)政府在進(jìn)行反***調(diào)查嗎，那么，什么樣法律的行為被確定為***所為？中國(guó)政府是否和網(wǎng)絡(luò)間諜活動(dòng)的受害者透明共享應(yīng)該調(diào)查的這些信息？什么法律行動(dòng)將被北京采取采取防止中國(guó)以外的進(jìn)攻組織的個(gè)別***？這些問(wèn)題必須給予認(rèn)真的考慮，原產(chǎn)于中國(guó)的證據(jù)表明在企圖喚醒網(wǎng)絡(luò)間諜活動(dòng)。

同時(shí)也說(shuō)明這些摘抄有來(lái)自西班牙的，有來(lái)自由美國(guó)空軍的。

其它閱讀鏈接：從軍事的計(jì)算機(jī)科學(xué)家眼中透視中國(guó)網(wǎng)絡(luò)戰(zhàn)。

關(guān)于作者：

Paulo Shakarian, Ph.D. 是一個(gè)美國(guó)陸軍少校和計(jì)算機(jī)科學(xué)助理教授，主要教授計(jì)算機(jī)科學(xué)與技術(shù)，同時(shí)也研究網(wǎng)絡(luò)安全、社交網(wǎng)絡(luò)和人工智能。他已經(jīng)寫了超過(guò)20本書(shū)發(fā)表于科學(xué)和軍事刊物。涉及到網(wǎng)絡(luò)戰(zhàn)爭(zhēng)，他已經(jīng)寫了名為《Stuxnet蠕蟲(chóng)：網(wǎng)絡(luò)戰(zhàn)軍事事務(wù)革命》發(fā)表于小型戰(zhàn)爭(zhēng)報(bào)和《2008年俄羅斯對(duì)格魯吉亞的網(wǎng)絡(luò)活動(dòng)》發(fā)表于軍事評(píng)論。

他科學(xué)的研究的到了很好的回報(bào)，特色在于各大新聞媒體包括經(jīng)濟(jì)學(xué)家和自然的研究。先前，他撰寫地理空間：由Springer出版的原理與實(shí)踐。

Paulo holds a Ph.D. and M.S. 從事計(jì)算機(jī)科學(xué)，馬里蘭大學(xué)，學(xué)院公園，西點(diǎn)軍校的一個(gè)計(jì)算機(jī)科學(xué)理學(xué)士，深入研究信息安全保障。在“伊拉克自由行動(dòng)”擔(dān)任兩個(gè)作戰(zhàn)旅的旅長(zhǎng)，他的部隊(duì)得過(guò)包括:銅星獎(jiǎng)?wù)?、榮譽(yù)獎(jiǎng)?wù)?、軍?duì)嘉獎(jiǎng)獎(jiǎng)?wù)潞腿A爾萊科技設(shè)備和和作戰(zhàn)行動(dòng)徽章。了解更多關(guān)于Paulo，請(qǐng)?jiān)L問(wèn)他的網(wǎng)站。

在這篇文章中的觀點(diǎn)僅是作者，并不一定反映了美國(guó)軍事學(xué)院，美國(guó)陸軍或國(guó)防部的意見(jiàn)。