Thursday, April 18, 2013


'DHS' DOES CHINESE
   
strategypage  April 13, 2013:

Noting the Chinese success at finding and recruiting hackers while they are young (via national contests to find and reward the best new talent) the U.S. DHS (Department of Homeland Security) is going to try the same thing. The DHS does have a reputation for being inept and bad at planning, so it’s doubtful they will be able to pull this off. But someone at DHS demonstrated some insight (by noting what the Chinese were doing) and initiative (getting some serious attention paid to copying the Chinese techniques.) China has a lot of successful Cyber War practices worth copying.

Even before the Internet reached China in 1987, many Chinese studying or working in the United States were already aware of it, and its potential. A decade later Internet use began growing rapidly and that’s when some Chinese officials saw in the Internet unprecedented espionage opportunities.

China has been hacking away at U.S. targets for over a decade now and shows no signs of slowing down, despite growing U.S. efforts to erect better defenses. In addition to recent attacks on American media companies, China has also launched well organized and very deliberate attacks on American defense companies and specific Department of Defense computer networks. Even when caught in the act, the hackers often got away with a lot of valuable material.

China manages to muster all this hacker talent by vigorously recruiting patriotic Chinese Internet experts to hack for the motherland. China is one of many nations taking advantage of the Internet to encourage, or even organize, patriotic Internet users to provide hacking services for the government. This enables these thousands of hackers to be directed (unofficially) to attack targets (foreign or domestic).

These government organizations arrange to identify, train and mentor hackers found to have potential to become highly effective hackers. China has helped identify and train over a million potential ace hackers so far. Most turn out to be minor league at best, but the few hundred hotshots identified are put to work plundering foreign networks.

In this they are assisted by thousands of less talented, but equally eager, hackers.

While many of these Cyber Warriors are rank amateurs, even the least skilled can be given simple tasks. And out of their ranks emerge more skilled hackers, who can do some real damage.

These hacker militias have also led to the use of mercenary hacker groups, who will go looking for specific secrets, for a price. Chinese companies are apparently major users of such services, judging from the pattern of recent hacking activity and the fact that Chinese firms don't have to fear prosecution for using such methods, at least not as much as in the West.

China pioneered the militia concept in the late 1990s, when their Defense Ministry established the "NET Force." This was initially a research organization, which was to measure China's vulnerability to attacks via the Internet. Soon this led to examining the vulnerability of other countries, especially the United States, Japan, and South Korea (all nations that were heavy Internet users).

NET Force has continued to grow. NET Force was soon joined by an irregular civilian militia, the "Red Hackers Union" (RHU). These are over half a million patriotic Chinese programmers, Internet engineers, and users who wished to assist the motherland and put the hurt, via the Internet, on those who threaten or insult China.

The RHU began spontaneously in 1999 (after the U.S. accidentally bombed the Chinese embassy in Serbia) but the government soon assumed some control, without turning the voluntary organization into another bureaucracy. The literal name of the group is "Red Honkers Union," with Honker meaning "guest" in Chinese. But these were all Internet nerds out to avenge insults to the motherland.

Various ministries have liaison officers who basically keep in touch with what the RHU is up to (mostly the usual geek chatter) and intervene only to "suggest" that certain key RHU members back off from certain subjects or activities. Such "suggestions" carry great weight in China, where people who misbehave on the web are very publicly prosecuted and sent to jail.

For those RHU opinion-leaders and ace hackers that cooperate, there are all manner of benefits for their careers, not to mention some leniency if they later get into some trouble with the authorities.

Many government officials fear the RHU, believing that it could easily turn into a "counter-revolutionary force." So far, the Defense Ministry and NET Force officials have assured the senior politicians that they have the RHU under control.

All nations with a large Internet user population have these informal groups, but not all nations have government guidance and encouragement to make attacks. When there are tensions between nations with large number of Internet users, it almost always results in the "hacker militias" of both nations going after each other.

The U.S. has one of the largest such informal militias but there has been little government involvement. That is changing. The U.S. Department of Defense, increasingly under hacker attack, is now organizing to fight back, sort of.

No comments:

Post a Comment