China's cyberwar capabilities 'fairly limited,' says expert

/ Source: SecurityNewsDaily

The international threat posed by state-sponsored Chinese cyberspies is not nearly as serious as it's generally thought to be, an Australian professor contends.

In his paper, "China's Cyber Warfare Capabilities," Desmond Ball, a professor in the Strategic and Defence Studies Centre at the Australian National University, argues that China's cyberespionage tools are "relatively unsophisticated," even though they've been extensively deployed for more than 10 years against several nations, including the U.S. U.K., Canada, Germany and Iran.

"China's demonstrated offensive cyberwarfare capabilities are fairly rudimentary," Ball wrote.

Although Chinese hackers have performed denial-of-service attacks, defaced websites and stolen sensitive data from high-profile companies such as Google and Morgan Stanley in the "Operation Aurora" attacks, the hackers' traditional weapons make their attacks easy to spot and prevent.

"[Hackers] have evinced little proficiency with more sophisticated hacking techniques," Ball wrote. "The viruses and Trojan Horses they have used have been fairly easy to detect and remove before any damage has been done or stolen. There is no evidence that China's cyberwarriors can penetrate highly secure networks or covertly steal or falsify critical data."

In reference to attacks on power plants, oil refineries, smart grids and other highly sensitive control facilities, Ball believes Chinese hackers "would be unable to systematically cripple selected command and control, air defense and intelligence networks and databases of advanced adversaries, or to conduct deception operations by secretly manipulating the data in these networks."

Another hindrance to China's supposed cyberwarfare capabilities is the advanced anti-virus and network security programs available to the Western countries China has targeted. Coupled with that is Ball's assertion that China's own subsection of the Internet, while stringently managed by the government, is rife with security vulnerabilities.

Ball cited a 2003 survey conducted by China's Ministry of Public Security (MPS), which showed that 85 percent of computers in China were infected with a virus. He also referenced a list of the top 100 viruses found at the beginning of 2011, which detailed that China was the "most affected" country, with nearly all the top 100 viruses originating in the country.

Instead of attacking foreign nations, Ball said the Chinese Internet hackers are instead focusing on scaling the country's "Great Firewall," a government-operated Internet censorship and surveillance operation.

Ball quoted James A. Lewis, a cyberwarfare expert at the Center for Strategic and International Studies in Washington, D.C., who said, "For all the effort the Chinese put into cybercompetition, external efforts are second priority. The primary priority is domestic control and regime survival. The external part is a side benefit."