China at the mercy of global hackers
By Cui Xiaohuo, Wang Linyan and Peng Kuang (China Daily)
Cyber technology has fast evolved into a weapon with lethal potential, so much so major nations are pumping billions of dollars into upgrading defense systems to make them digital fortresses.

But while the United States has put the danger of cyber attacks at the top of its national security agenda along with the nuclear threat, defense analysts have warned China's lack of preparation against digital terrorism has left the country "extremely vulnerable".

"In the age of information, a nation's security would be at serious risk if its information systems were attacked, or the flow of information were interrupted," said Professor Yu Xiaofeng, a specialist in non-traditional security at Zhejiang University in Hangzhou.

"In a worse-case scenario, a security breach could result in the breakdown of the energy supply and collapse of the financial system, not to mention a collapse of the national defense capability."

China's reluctance to merge its military and civilian resources, partly because the former believes it would substantially weaken the defense of its network, has been heavily criticized, with many experts saying it has left millions of computers and billions of yuan at risk.

"With almost 300 million Web users, China has one of the world's largest information infrastructures, while its information market has great potential," said Professor Yu. "But the capability to defend China's information and cyber security is extremely weak and many of its online applications remain vulnerable to assault."

Across the Pacific Ocean in the US, the White House has appointed its first "cyber tsar" to watch over security threats via the Internet. The Pentagon, which claims it is the victim of 44,000 cyber attacks every year, is also recruiting ex-hackers for its new strategic Web command.

The taskforce will not only eradicate potential vulnerabilities in its own sensitive computer networks, but also find back doors into the digital fortresses of potential enemies.

The US already has a growing number of computer weapons in its arsenal and is preparing strategies to be used alongside conventional weapons as major deterrents in a wide variety of possible scenarios, the New York Times reported.

The Reuters wire service also revealed US President Barack Obama's administration is complementing its military network with civilian resources by building up contacts with cyber-security software firms such as Symantec Corp and McAfee Inc, as well as working with traditional defense contractors like Northrop Grumman and Lockheed Martin, and technology specialists CACI International.

"It is interesting how the US defense officials compose their cyberspace strategy, especially amid the financial difficulties in the US and the proposed defense budget changes for the Pentagon," said Li Daguang, a senior military expert at the Beijing-based National Defense University.

A similar national cyber-security center will also be set up in Britain this month, its media reported last Sunday.

The Internet has evolved from a simple tool to connect the "Global Village" to a virtual battlefield that sees computer users regularly attack each other. US President Obama even warned it has the power to be a potential "weapon of mass destruction" in times of war.

No wonder World Wide Web creator Tim Berners-Lee said recently that most people "no longer understand the Web".

"Security permeates everything, so there are possible attacks on everything," the 54-year-old US inventor told London-based New Scientist magazine on June 5.

Computer warfare still has the capacity to go beyond people's imagination, according to scientists and military specialists, who claim a full cyber war would determine a real combat situation and could halt the exchange of fire before it started. "The key word for computer warfare is suppression, not hacking," explained Professor Fang Binxing, a leading cyberspace scientist with a 21-year career in computer technology. "This is when a military, using civilian and commercial networks, infiltrates the firewall of its enemy's system and disables things like the water, electricity and gas supplies, making it virtually impossible for a country to command the situation or fight back."

The US Armed Forces have already applied a computer warfare strategy. The first time it was openly used, say analysts, was during the conflict in Somalia in 1995, when US Army engineers disabled the communication networks of local militants.

Strategists have pointed out that China, with a discord in cyber security defense and a lack of public awareness surrounding network safety, is vulnerable to a cyber attack.

B2B Research Center, a Hangzhou-based firm that studies commercial activities online, also warned the country's "cyber sovereignty" had been put in jeopardy by the domination of foreign investment in the local Internet industry.

Citing Microsoft's decision to disable its MSN instant messaging service in five nations for political reasons, the center said alien involvement in China's Web could put the nation's security at serious risk.

Li at the National Defense University said the Chinese military, which uses an autonomous cabled network, has done no work with civilian and commercial resources to establish a suitable cyber defense.

"The military's separate network has so far been safe from any infiltrations, but such safety can make a military complacent to future tactics," said Fang, president of Beijing University of Posts and Telecommunications and the first person in China to build online infrastructure designed to combat Internet infiltrations. He was also director of the national computer network emergency response team between 2002 and 2006.

Fellow expert Fang Xingdong, a Beijing-based IT industry observer, added: "Some Chinese military officials still hold dear to the belief that there is no danger of war in cyberspace."

The central government has set up anti-hacking offices at security and industry ministries, mainly to tackle online financial crimes and industrial espionage, but there is so far no liaison office watching over cyber-security surveillance.

Sources said the People's Liberation Army (PLA) has set a steady budget for its information-based operations, but it is unknown how much is spent on joint projects with commercial companies.

"A cyber security taskforce should be established to collaborate with civilian resources," said Professor Yu. "This is the next crucial step for the nation's cyberspace strategy."

Fang Binxing, meanwhile, warned that the lack of urgency in updating its digital defense structure or cooperating with industry leaders over advanced technology had left some divisions of the PLA open to attack, particularly the air force, which relies heavily on electronic communication.

"It is a dangerous paradox," he said. "China's resources heavily rely on the Internet, but it is still desperately in need of an effective defensive system."

He said almost every country claims its computer systems have been abused by foreign hackers, but the US, boasting the most sophisticated cyber network in the world, often claims it is the prime victim.

"The US talks about hackers making assaults on the Pentagon and Congress, but they are also crystal clear that a full cyber war, if waged, is beyond any hacker's might," said Fang.

The nation's Deputy Defense Secretary William Lynn said on Monday that threats to US-based computer networks represent "an unprecedented national security challenge".