Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014

中
華
人
民
共
和
國
網
絡
代
碼
衝
突...

中国人民共和国
信息戰
Red Dragon Rising –
China Challenges:
People's Republic of China use of Computers &
Networks as a Strategic Weapon
02 MARCH 2014
LTCOL (RET) William Hagestad II
MSc Security Technologies
MSc Management of Technology
www.red-dragonrising.com
hagestadwt@red-dragonrising.com
Red-DragonRising.com©

The Middle Kingdom….


籠恐龍

籠恐龍…Caged Dinosuars

“21st Century Chinese
Cyber Warfare”
“二十一世紀中國網絡戰”

取締中華人民共和國


ISBN: 9781849283342

http://www.amazon.com/Operation-Middle-Kingdom-Computers-Networksebook/dp/B00GTVFJOQ/

ISBN: 978-1482577105

http://www.amazon.com/Chinese-Information-Warfare-DoctrineDevelopment-ebook/dp/B00GWO12LO/

ISBN: 978-1493771974

http://www.amazon.com/Chinas-Plans-Winning-InformationConfrontation/dp/1496080874/


ISBN: 978-1496080875

Is China Really the Enemy?


Cyber Adversary Taxonomy
Cyber Threat

Motive

Targets of
Opportunity

Methodologies

Capabilities

Nation States ~
Peace Time

Economic,
Military,
National
Secrets,
Political

Commercial Enterprises,
Intelligence, National Defense,
Governments, National
Infrastructure

Military & Intel
specific cyber
doctrine, hacktivists

Asymmetric use of
the cyber domain
short of kinetic

Nation States ~
War Time

Economic,
Military,
Political

Commercial Enterprises,
Intelligence, National Defense,
Governments, National
Infrastructure

Military & Intel
specific cyber
doctrine, hacktivists

Asymmetric use of
the cyber domain
including kinetic

Political

Infrastructure, Extortion and
Political Processes

Combination of
advanced persistent
threats (APT)

Developing – will
be a concern in
2012

Cyber Terrorists &
Insurgents
Cyber Criminals –
Grey & Black
Markets

Financial

Criminal
Organizations – RBS

Financial

Rogue
Organizations –
Anonymous,
LulzSec

Financial
Military,
National
Secrets,
Political

Intellectual Property Theft,
Fraud, Theft, Scams, Hijacked
Network & Computer
Resources, Cyber Crime for
Hire

Exploits, Malware
Botnets, Worms &
Trojans

Cell-based
structure as an APT

Use of above with
distinct planning

Highly
professional,
dangerous

Intellectual Property Theft,
Direct & Indirect pressure on
OGA Resources

Organic hacking
capabilities
unsurpassed

Organized yet decentralized


The Middle Kingdom


中國人民解放軍
1949 Information Warfare
(IW)

毛泽东 Mao Tse-Tung

Chinese View…

16 AUGUST
2011

Chinese Perspective….
 16 AUGUST 2011 – People’s Tribune Magazine - (人民论坛杂志) publishes
several articles…
 4 are very problematic for the United States….
– “A Sovereign Country Must Have Strong Defense” by Min Dahong, director
of the Network & Digital Media Research Office @ China Academy of
Social Sciences;
– “America’s ‘Pandora’s Box’ Cyber Strategy Confuses the World” by Shen Yi Fudan University’s Department of International Politics;
– “Cyber Power ‘Shuffles the Cards’: How China Can Overtake the
Competition” by Tang Lan, Institute of Information and Social
Development Studies at the China Institute of Contemporary International
Relations; and
– “How to Construct China’s Cyber Defenses” by Liu Zengliang, from the PLA
National Defense University

http://www.rmlt.com.cn/qikan/2011-08-16/


http://www.chinasmack.com/2010/more/cannons-englishteacher-seduction-june-9th-jihad.html

誰是中國?


中國黑客….
4 Groups…Official & Unofficial….

第一…中國共產黨
(CPC)
第二…人民解放军
(PLA)
第三… 中國國有企業
(SOE)
第四個…中國黑客 (Hacktivists)

中國共產黨 - CPC
► Codified cyber warfare in 2010…

• In response to US Cyber Command 6 months earlier…

► Official Edict: “protect national infrastructure from
external cyber threats” – President Hu Jin tao
► President Hu’s successor Xi Jin ping ….
Motivations:
• Maintain & Retain Chinese Dream…
• Ensure China’s Sovereignty…
• Control Freedom of Search…
• Ensure stable transition of Communist Regime…


Chinese Information and
Cyber Warfare
Government Intent
Golden Shield…Filter the Chinese Internet
o Designed 1998
o Operational NOV 2003
o CISCO powered – cost $ 800M USD
o China’s Ministry of Public Security (MPS) operates….

Green Dam….1 July 2009…new PC’s must have
Chinese Government Spyware….

Military Focus
Civilian Dimension
http://www.certmag.com/read.php?in=3906
http://www.e-ir.info/2010/04/13/chinese-information-and-cyber-warfare/
http://www.zdnet.com/blog/government/china-demands-new-pcs-carryspyware/4906


人民解放军- PLA
► 500 BC Sun-Tzu’s Art of War – basis
► Sun Ping’s Military Methods
► 1995 - Major General Wang Pufeng –
Founding father of Chinese Information
Warfare (IW)
► 1999 - War Without Limits – PLAAF Senior Colonel’s
Qiao Liang & Wang Xiangsui
► 2002 - PLA's IW strategy spearheaded by Major
General Dai Qingmin Integrated Network-Electronic Warfare (INEW)


信息支持（保證）基地
19 JUL 2010 Cyber Base….
Official Mission…Protect the national infrastructure of
the People’s Republic of China…

Established 6 Months AFTER U.S. says “we are taking military approach to Internet…”


Official Statement of Chinese IW
20 JUL 2010 – ‘ordered by President Hu
Jintao to handle cyber threats as China
enters the information age, & strengthen
the nation's cyber-infrastructure’
General Staff Directorate’s (GSD) Cyber Warfare
‘Princelings’…
General Zhang Qinsheng 章沁生
General Chen Bingde 陈炳德
漢族…Han Chinese
General Ma Xiaotian 马晓天
Communist…
Technologists…
Vice Admiral Sun Jianguo 孙建国
PLA Leaders…. &
Major General Hou Shu sen 侯树森

中國人

目前中國網絡戰的戰術
China’s “Goal is to achieve a strategic
objective…over adversaries…”
“You have to meet my political conditions
or your government will be toppled, or
you promise to meet some of my political
conditions.”
• Major General Hu Xiaofeng, Deputy Director for the
National Defense University Department of
Information Warfare and Training Command
• Professor Meng Xiangqing, National Defense
University Institute for Strategic Studies

黑暗訪問者, 2009; [Online] Available at: http://www.thedarkvisitor.com/category/uncategorized/

黑客 - Hacktivists
 Originally supported by CPC & PLA
•
•
•
•

Now uncontrollable….Golden Shield Project?
Comment Group…
Elderwood Gang…
Use of known Chinese malware for commercial purposes
now…

 Reinforce PRC’s nationalism via the web
•
•
•
•

Taiwan, the renegade Chinese Province
Punishing Japan for WWII war crimes, Daiyu Islands
Confronting Philippines, Oil near Huangyuan
Codera’s anti-Chinese web rhetoric

 Capability to carry out Chinese State Policies
without attribution….


很多年華中國 Cyber Activity






1995 – Chinese General MG Wang Pu Feng describes attacking via Internet
1997 – “War Beyond Limits” (Unrestricted Warfare) is written by 2 Senior Chinese Colonels
2001 China warns of massive hack attacks
2002 - “informatization”信息化 campaign begins Chinese Communist Party (CCP) General Secretary and Central
Military Commission (CMC) Chairman Jiang Zemin, a speech before the 16th Party Congress
2003 - Titan Rain泰坦雨 US DoD & Government websites targeted
2004 – Japan targeted by Chinese over disputed Daiyu Islands
2007 – GhostNet 幽灵网 Global CnC network with IP addresses in People’s Republic of China
2008 – Byzantine Hades - targeted cyber operations against the U.S. government using social engineering and
malicious attachments and links in e-mail messages.
2008 - MI5 writes to more than 300 senior executives at banks, accountants and legal firms warning them - the
Chinese army is using Internet spyware to steal confidential information
2009 - Operation Aurora 操作极光 International Energy Industry targeted
2009 – Night Dragon夜龙 Global multinationals attacked via Internet
2010 – Article - Should we be afraid of Chinese hackers?...Or lost cyber war?
2011 -US needs to get better at preventing foreign access to advanced technology
- GAO watchdogs find holes in high-tech access, licensing rules
2011 – Chinese military CCTv-7 demonstrates GUI Hacking of University of Alabama
2011 – Office of the National Counterintelligence Executive (ONCIX) Report indicates both China & Russia target IP
2011 – Operation Shady RAT FIVE year campaign of economic & intelligence data exfiltration
2012 – “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage”





2012 – Chinese Technology Policy & Cyber Offensive Operations - April
2012 – China & Philippines engage in mutual cyber attacks over Scarborough Shoals – April
2012 – “US & China must work to avoid cyber conflict” DefSec Panetta



















NORTHRUP GRUMMAN March 7, 2012

2012 – Chinese Hackers hack White Nuclear Secrets Network
2012 – US House Intelligence cites Huawei & ZTE as threats to National Security
2013 – Shanghai Jaiotong University tied to PLA hacking unit

0

結束狀態

1)
2)
3)
4)
5)

Cyber-espionage is state sponsored; yet direct attribution is an illusion….
中華人民共和國 plans cyber-espionage – defensively & offensively;
Cultural, economic, historical & linguistic threads中國 cyber-espionage;
中國, although advocating citizen hacking, no longer controls it;
Commercial enterprises worldwide are permeable to中國cyber hacking in all
form & methods;
6) 中國malware, RATs, Botnets are undiscoverable….
7) Mandarin Chinese (complex and simple) are an exceptional form of
cryptography…
8) All Western InfoSec Technology are ineffective against中國 attacks;
9) Companies cannot defend adequately from the various alleged Chinese
information warfare threats of Next Generation Warfare;
10) Offensive Cyber Capabilities must be developed…..protect your IP & Network
11)中華人民共和國 cyber-espionage threat serious & only become much
worse…..


.

DO NOT become a
Chinese Cyber Espionage
case study in my slide deck!

中國國有企業

“21st Century Chinese
Cyber Warfare”

“二十一世紀中國
網絡戰”
Available :

ISBN: 9781849283342

謝謝您
謝謝您的時間今天
有沒有問題？

你會說中國普通話... ...嗎？
看
看
發
生
了
什
麼
事
！


跟隨紅龍
Red-DragonRising #RedDragon1949
http://www.linkedin.com/in/billhagestad
Red-dragonrising.com


Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014

Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014

Recommandé

Contenu connexe

Tendances

Tendances(20)

Similaire à Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014

Similaire à Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014(20)

Plus de Bill Hagestad II

Plus de Bill Hagestad II(16)

Dernier

Dernier(20)

Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014