China Reveals Its Cyberwar Secrets

china-is-waging-cyberwar-2-650x0.jpg?1361548326
A high-level Chinese military organization has for the first time formally acknowledged that the country’s military and its intelligence community have specialized units for waging war on computer networks.
China’s hacking exploits, particularly those aimed at stealing trade secrets from US companies, have been well known for years, and a source of constant tension between Washington and Beijing. But Chinese officials have routinely dismissed allegations that they spy on American corporations or have the ability to damage critical infrastructure, such as electrical power grids and gas pipelines, via cyber attacks.
Now it appears that China has dropped the charade. “This is the first time we’ve seen an explicit acknowledgement of the existence of China’s secretive cyber-warfare forces from the Chinese side,” says Joe McReynolds, who researches the country’s network warfare strategy, doctrine, and capabilities at the Center for Intelligence Research and Analysis. 
The acknowledgment could have political and diplomatic implications for China’s relationship with the United States and other Western powers.  
China has divided its cyber warfare forces into three types, said McReynolds, whose analysis is included in his forthcoming book, China’s Evolving Military Strategy, which will be published in October.
First, there are what the Chinese call “specialized military network warfare forces” consisting of operational military units “employed for carrying out network attack and defense,” McReynolds said.
Second, China has teams of specialists in civilian organizations that “have been authorized by the military to carry out network warfare operations.” Those civilian organizations include the Ministry of State Security, or MSS, which is essentially China’s version of CIA, and the Ministry of Public Security (its FBI).
Finally, there are “external entities” outside the government “that can be organized and mobilized for network warfare operations,” McReynolds said.
As to which of those groups is responsible for targeting American companies to steal their secrets, the short answer, says McReynolds: “They all do it.” Espionage by the PLA has been extensively documented, McReynolds said. And a Chinese hacking unit dubbed Axiom that has been linked to intrusions against Fortune 500 companies, journalists, and pro-democracy groups is reportedly an MSS actor. He noted that there are also many ways that Chinese civilians have been seen assisting in industrial espionage, including through “hack-for-cash” operations.
Now that China is coming clean about its cyber warfare forces, other countries may question whether they can safely cooperate with the government on combating cybercrime. The Ministry of Public Security (MPS), for instance, has assisted more than 50 countries with investigations of more than a thousands cases of cybercrime over the past decade, and China has set up bilateral law enforcement cooperation with more than 30 countries, including the United States, the United Kingdom, Germany, and Russia.
Experts generally agree that Russia, China, and the United States have the most advanced and sophisticated cyber warfare forces. 
The Daily Beast http://bbc.in/1OyIa0a

 

« You Can Tell Which Emails are Being Tracked.
Crime has gone High-Tech and the Law Hasn’t »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

RIVA Solutions

RIVA Solutions

RIVA provides innovative best practices in IT and management consulting, program support services and emerging technologies.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Bace Cybersecurity Institute (BCI)

Bace Cybersecurity Institute (BCI)

Bace Cybersecurity Institute focuses on understanding, empowering and taking action across four critical areas driving continual improvement toward a safer, more secure cyber world.

BrandShelter

BrandShelter

BrandShelter specializes in providing online brand protection for companies and trademark owners.

CoursesOnline

CoursesOnline

CoursesOnline.co.uk is a database listing IT security courses from providers across the UK.

Evina

Evina

Evina offers the most advanced cybersecurity and fraud protection for mobile payment.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.

Turngate

Turngate

Turngate simplify security investigations so you can see employee activities and entitlements in your enterprise in seconds.

Skillfield

Skillfield

Skillfield is a Melbourne based Cyber Security and Data Services consultancy and professional services company.

Symbiotic Security

Symbiotic Security

Symbiotic Security revolutionizes code security by integrating an AI-driven security coach directly within developers' IDEs.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.

Zynap

Zynap

Zynap is an Advanced AI-powered SaaS platform replicating cybercriminal tactics to predict, detect, and neutralize threats before they strike.