Financial Times

Beware: enemy attacks in cyberspace

By Demetri Sevastopulo in Washington

Published: September 3 2007 19:00 | Last updated: September 3 2007 19:00

Lieutenant General Robert Elder, senior Air Force officer for cyberspace issues, recently joked that North Korea “must only have one laptop” to make the more serious point that every potential adversary – except Pyongyang – routinely scans US computer networks.

North Korea may be impotent in cyberspace, but its neighbour is not. The Chinese military sent a shiver down the Pentagon’s spine in June by successfully hacking into an unclassified network used by the top policy advisers to Robert Gates, the defence secretary.

While the People’s Liberation Army has been probing Pentagon networks hund­reds of times a day for the past few years, the US is more alarmed at the growing frequency and sophistication of the attacks.

The Pentagon spent several months deflecting the recent onslaught before the PLA penetrated its system, which was shut down for more than a week for diagnosis.

While officials are concerned that it downloaded information, they are more concerned about the strategic ramifications.

“The PLA has demonstrated the ability to conduct attacks that disable our system . . . and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who added that the PLA has also penetrated the networks of US defence companies and think-tanks.

One senior US official said there was “no doubt” that China was now monitoring email traffic on unclassified government networks.

Intelligence professionals say China has found a simple way to compensate for its lack of expertise in recruiting non-Chinese spies in the US.

China has also come under scrutiny outside Washington. At a recent press conference with the German chancellor Angela Merkel, Wen Jiabao, the Chinese premier, expressed “grave concern” over reports that the PLA had used “Trojan Horse” programs to insert spyware into German government networks.

While Chinese military doctrine stresses the import­ance of cyberspace, many other countries, including the US, engage in electromagnetic trespassing.

This year, for example, Estonia accused Russia of orchestrating a massive attack that temporarily crippled government networks. 

The Defence Science Board, an independent Pentagon advisory group, will soon publish a study on non-conventional military challenges that will examine cyber threats.

A former senior US official said while the US had made headway, much more needed to be done.

The US Air Force will soon create a cyber war-fighting command aimed at improving defensive and offensive capabilities to counter such asymmetric threats. “We want to ensure that we can operate freely in the domain,” says Major General Charles Ickes, another senior Air Force official involved with cyberspace issues. “On the other hand . . . it is seen by everybody in the defence department as a war-fighting domain and you must have offensive capability.”

Gen Ickes says the military must ensure that its actions do not inadvertently impact on US civilian computer systems. Michael Green, former senior Asia adviser to President George W. Bush, points to an example where the Pentagon had to consider the legal ramifications of blasting a virus back at a hacker.

In an increasingly networked world, governments must consider an even wider range of cyber threats, including terrorist attacks on critical infrastructure, commercial espionage, and old-fashioned spying.

France and Germany have imposed restrictions on senior officials using BlackBerries out of concerns that US intelligence agencies could intercept sensitive emails.

Voicing similar concerns, the White House has also imposed a ban on officials using the devices in some countries, including China. It is also examining whether to restrict domestic use, in a move to panic large swaths of Washington’s BlackBerry-addicted officialdom.

Sami Saydjari, chief executive of Cyber Defense Agency and a former Pentagon cyber expert, warns of the potential for terrorist groups, such as al-Qaeda, to attack the financial, telecoms, and power sectors.

To underscore the threat, he notes that no cyber red team – hackers enlisted to attack systems to help identify weaknesses – has ever failed to meet its objective.

Gregory Garcia, the assistant secretary for cyber security at the department of Homeland Security, says the number of cyber incidents reported to the department’s computer readiness team so far this year is 35,000. That compares to 4,100 for the whole of 2005.