Chinese Capabilities for Computer Network Operations and Cyber Espionage
The study is intended to be a detailed follow up and expansion upon a 2009 assessment prepared by Northrop Grumman for the U.S.-China Economic and Security Review Commission of China’s evolving computer network operations capabilities and network intrusion incidents attributed to China.
Concern in the United States over alleged Chinese penetrations of both commercial and government networks has only intensified in the past two years as successive incidents have come to light in the media and more organizations voluntarily come forward.
The study draws some conclusions:
1. The People´s Liberation Army (PLA) is pursuing the means to seize and occupy the “information high ground” in the modern battlespace to exert control over information and information systems;
2. The rapid development of a comprehensive C4ISR infrastructure, linking platforms, personnel, and operations, is arguably the most transformative of all PLA efforts currently underway;
3. PLA is trying to unify disparate information systems to enable coordination between geographically dispersed units in order to attaining near total situational awareness of the battlespace while limiting an adversary’s ability to do the same;
4. PLA is trying to reach information dominance early and using it to enable and support other PLA operations throughout a conflict; during peacetime, computer network exploitation has likely become a cornerstone of PLA and civilian intelligence collection operations supporting national military and civilian strategic goals;
5. PLA leaders understand that tactical level employment of computer network attack (CNA) tools used with sufficient precision can achieve dramatic strategic outcomes with the potential to alter a campaign and, conversely, that as the PLA deploys more sophisticated information systems and grows increasingly reliant upon them for successful military operations, it must also protect itself from the same network vulnerabilities as its high-tech adversaries. This imperative places computer network defense (CND) on an equal footing with its counterparts in the CNO triad;
6. PLA is augmenting its developing computer network operations (CNO) capabilities by relying on inputs from China’s commercial IT industry, academia, and civilian and military research institutions;
7. Telecommunications hardware notables such as Huawei, Zhongxing (ZTE), and Datang maintain relationships with the PRC government and continue to fuel speculation in the United States and other Western nations about potential network attack or exploitation vectors created by the growing presence of these and other Chinese IT companies in global telecommunications infrastructure markets.
Taken in the aggregate, recent developments in Chinese computer network operations applications and research and development point to a nation fully engaged in leveraging all available resources to create a diverse, technically advanced ability to operate in cyberspace as another means of meeting military and civilian goals for national development.
Computer network operations have assumed a strategic significance for the Chinese leadership that moves beyond solely military applications and is being broadly applied to assist with long term strategy for China’s national development.