中国的秘密战争
来源:美国头版杂志
网络战争上周正式降临国会山。
共和党议员沃尔夫(Frank Wolf)和史密斯(Christopher Smith)上周三(11日)公开宣布在2006和2007年,他们的办公电脑网络被中国黑客入侵。网络入侵者不是寻找敏感军事或经济数据,而是企图窃取关于中国异见分子的政治信息。
这不是中国政府黑客第一次把手伸向敏感的美国文件。相信中国黑客穿越美国电脑网络的长征始于2000年。自那时起,攻击的频率增加,而且日臻成熟。例如最近的攻击利用了间谍软件,可以神不知鬼不觉地从议员的电脑下载文件。该软件是随私人邮件打开秘密安装的。
中国对美国发起的最大规模网络袭击发生在2004年。由于规模宏大,美国安全当局给它起了个代号,叫“Titan Rain”。数千非机密军事和产业文件被盗。在2007年,五角大楼电脑遭遇了同样赤裸裸的攻击。国防部长的电脑系统受损。相信这起事件的作案人是解放军。
中国在网络间谍方面取得的成功并不意味着它会放弃传统的间谍办法。就在3月,加州一位华裔工程师被判24年,罪名是企图向中国传送美国潜艇技术。而此前一个月,一位曾担任波音工程师的华裔出于同样目的盗窃公司航空项目机密,并因此被捕。就在上月,一位合法地居住在新奥尔良的华人承认向祖国提供美国军事信息的罪名。
与中国针对美国和西方的最大间谍项目“千颗沙子(thousand grains of sand)”相比,这些单人匹马的任务则显得苍白。按照“千颗沙子”的战略,特工都是业余的。他们由前往海外的华人组成,例如留学生或者已经生活在海外的华人。中国情报部门叫他们传递任何军事、技术或者经济信息,质量不限。目标就是汇总这些信息得出某些重要结论。安全专家派克(John Pike)表示,中国人的理论是如果做足功夫,最终会有所得。
美国也不是中国唯一的攻击目标。去年,德国政府部门以及德国总理默克尔的电脑受到中国黑客攻击。默克尔去年访问中国的时候向中国总理温家宝提出这个问题。
美国官方的相对怠惰与默克尔直面中国网络战争的姿态形成鲜明对比。事实上,沃尔夫表示政府官员叫他不要公布中国攻击他办公电脑系统的消息。
美国沉默以对中国网络战争,这很可能是因为五角大楼也对中国实施类似的计划,而且显然更成功。美国官员不希望他们自己的间谍成就引起别人的注意。
上周的报道确认中国网络战争对美国安全构成真正的威胁。但我们必须记住,美国在战略上不愿意宣传它在间谍方面的胜利,并不意味着那些胜利确实是非常真实的。(作者 Stephen Brown)
译文为摘译,英文原文地址:http://www.frontpagemag.com/Articles/Read.aspx?GUID=13D26235-2B6C-4F15-B82A-21F476186249
英文原文:
China’s Secret War
By Stephen Brown
FrontPageMagazine.com | Thursday, June 19, 2008
Cyber warfare officially arrived on Capitol Hill last week. Two Republican congressmen, Rep. Frank Wolf of Virginia and Rep. Christopher Smith of New Jersey, went public last Wednesday with the news that in 2006 and 2007 their office computer networks had been breached by Chinese hackers.
The cyber raiders were not looking for sensitive military or economic data. Instead, they apparently tried to steal political information about Chinese dissidents. “My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China’s abysmal human rights record,” Wolf told the Washington Times. Both congressmen said the attacks were made against aides who “…worked specifically on China and human rights issues.”
This is not the first time that Chinese government hackers have gotten their hands on sensitive American documents. Chinese hackers’ long march through American computer networks is believed to have started in 2000. Since then, the attacks have increased in both their frequency and their sophistication. For instance, the latest attack made use of spy software that downloaded files from the congressmen’s computers without detection. The software is secretly installed when a personalized email is opened.
China’s largest cyber-raid in the United States occurred in 2004. The assault was so massive that American security authorities gave it a code name, “Titan Rain.” Computers in several defense and space installations were targeted and thousands of unclassified documents, both military and industrial, were stolen. Fortunately, classified military information is not directly connected to the internet; but data found in those unclassified networks can also be of a sensitive nature.
Equally brazen was a 2007 cyber attack on Pentagon computers. That attack saw Secretary of Defense Robert Gates’ computer system compromised. The perpetrator in this case was believed to have been the People’s Liberation Army.
Last March, the military news website Strategy Page.com detailed how Chinese hackers may attack in the future. Counterfeit computer equipment is sometimes sold to the American military. This equipment may contain counterfeit computer cards that are made in China. The danger is that the fake cards could be “hardwired” to allow Chinese cyber agents access to the computer networks where they wind up. According to Strategy Page, criminals currently place stickers on counterfeit cards to make it appear that they are from reputable American suppliers. Many such cards have been found, but none yet with this kind of “spy chip.” Nevertheless, the website notes, American security authorities have a “scary, new problem on its hands.”
China’s success in cyber espionage does not mean that it has given up the traditional approach of obtaining information from U.S.-based spies. Just last March, a Chinese-born engineer was sentenced in California to 24 years for attempting to obtain and export to China American submarine technology. A month earlier, a former Chinese-American engineer at Boeing was arrested for stealing corporate secrets from the aerospace program for the same purpose. And only last month, a Chinese citizen living legally in New Orleans pleaded guilty to espionage for sending American military information to her homeland.
Such one-man missions pale in comparison to the biggest Chinese espionage program directed against the United States and the West. It is known as the “thousand grains of sand” strategy. In this approach, the agents are all amateurs. They consist of Chinese who are either going overseas, such as students, or those who already live abroad. Appealing to their shared ancestry, Chinese intelligence asks them to bring or send home any military, technological or economic information, no matter how low level. The goal is that such information, when put together, will lead to something big. “Chinese do not hit homeruns,” John Pike, a security expert, has remarked. “Their theory is that if you do enough of it, eventually it will amount to something.”
By some estimates, the “thousand grains of sand” program involves 100,000 people – a testament both to the importance that China attaches to the program as well as to its extent. And it has been going on for a long time. “For nearly two decades, Beijing has mobilized the Chinese-American community to penetrate US military corporations that are working on defense contracts,” writes commentator Sreeram Chaulia.
Nor is the U.S. China’s only target. In an interview with Canadian television, a former Chinese diplomat has revealed that Canada and Australia, which also have large ethnic Chinese communities, have hundreds of Chinese government agents in their midst. Last year, Germany came under a Chinese cyber attack that saw the computers of several government ministries, as well as the office of the German Chancellor, Angela Merkel, compromised. This breach of German security caused Merkel to broach the subject of Chinese cyber espionage with Chinese premier Wen Jiabao when she visited China last year.
Merkel’s confrontational stance toward Chinese cyber warfare stands in stark contrast to the comparative inaction of American officials. In fact, Rep. Wolf said he was asked by government officials not to go public with the news that the Chinese had hacked his office computer system. “A lot of people urged me not to do this,” he said.
American silence on Chinese cyber warfare efforts is probably due to the fact that the Pentagon is also conducting a similar program against China, and apparently with more success. For example, American intelligence officials know that counterfeit computer cards containing a spy chip are a possibility because they have already invented one. As a result, American officials may well be reluctant to draw attention to their own spying successes.
As last week’s revelations confirmed, Chinese cyber warfare constitutes a real threat to American security. But it’s important to bear in mind that America’s strategic reluctance to publicize its victories on the espionage front doesn’t mean that those victories are very real indeed.
--------------------------------------------------------------------------------
Stephen Brown is a columnist for Frontpagemag.com. A scholar and former news reporter, his field of expertise is Muslim forced marriages and honor killings. Email him at alsolzh@hotmail.com.