Chinese Military Hackers Attack Foreign Government Computers?

By  Xu Wu

First Germany, then United States, then France, then Australia. One after another, countries join the chorus accusing that China’s People’s Liberation Army (PLA) was behind the recent malicious attempts to hack into foreign governments’ computer systems. Although by no means bullet-proof, most of the reports, or at least their normally anonymous sources, hinted two “facts”: first, these hacking activities were carried out by Chinese military or its affiliated agencies; second, the Chinese government, or more specifically, some top-level officials, knew about and support these operations. Although not a computer expert, I found both the premises, and the logic, not to mention the conclusion, are problematic.

Suppose, (1) that these hacking activities did occur as accused—let’s ignore the suspicious two- to three-month time lag between the crime and the disclosure; (2) that this kind of online activities is universally rejected, forbidden, loathed, and demeaned, and no civilized country on the earth will engage in this type of low-class, immoral information-gathering intrusions; (3) that these attempts did originate physically from China—(let us just pretend the above conditions are all met, for the sake of discussions)—I still could not figure out how they pinpointed China’s military as the guilty party and blamed the Chinese government for the wrongdoing.    

Here are my reasons, from the technologically amateurish to the politically incorrect. 

First, every morning while sitting before my office computer and checking my online inbox, I have to delete those admirably persistent spam e-mails, normally with a weird name and address. The online administrator at my institution has promised and updated many times the filtering software, but, on average, I still receive more trash e-mails than the useful ones. If the spam spreaders can somehow find a way to evade the cat-and-mouse cyber chase and hide their identities, I don’t know why the “quasi-formidable” Chinese military cyber geeks can not hide. If they are technologically savvy enough to break into some of the most sophisticated computer systems in the world, shouldn’t they know how to use proxy software and other hacking tools to erase the trace? 

Second, even if the perpetrators are indeed Chinese citizens living inside China (Guangzhou and Lanzhou, to be more specific), how can the accusers identify with certainty that those perpetrators were PLA agents, operating with the support of the government? Why couldn’t they be a small group of technologically savvy “cyber nationalists” who initiated these rampant and bald moves? Let us not forget, there are over 140 million online users in China, half of them using broadband fast-speed Internet surfing online. If you still think this scenario is unlikely, take a look at several “historical” events occurred not so long ago. In May 1999, when the news broke that Chinese Embassy in Belgrade was bombed by a U.S. B-2 stealth bomber, a group of self-organized Chinese hackers defaced the website of the U.S. Embassy in China within 12 hours, and knocked out of service the White House’s official website, the first time in its history. Two years later, when diplomats from China and United States were busy tangling on the most appropriate way to say “sorry” over the spy-plane collision incident, an estimated number of 80,000 Chinese hackers participated in the so-called “Red May Self-Defense Cyber Warfare,” fighting with an unknown number of American hackers. Several thousands of business, educational, governmental, even military websites on both sides fell prey to this unprecedented massive cyber-nationalistic anger. In a summary report, New York Times reporter even named this online conflict the “World Wide Web War I.”

It has become a thinking pattern among many Western observers that anything happened in China was the result of Chinese government’s or PLA’s calculated maneuver. Even this assumption seems reasonable twenty years ago, it is fairly outdated nowadays, given the breathtaking development and diversification in China’s economic, societal, cultural, and even political decision-making sectors. A couple of months ago, two Chinese young scholars in different occasions voiced their personal opinions on China’s huge foreign reserve. Because their position was different from the official line, a rain of protests, accusations, warnings, demands were filed in front of Chinese government’s doorsteps. If an American economist can have his or her different view on financial policy, why can’t a Chinese scholar? If opposing China’s political policy belongs to the “freedom of speech,” why opposing China’s monetary policy becomes a “foolhardy” troublemaker?

An interesting analogy can also be made between these online hacking incidents and the ongoing safety issues involving the “made-in-China” products. Yes, those defective products were made in China, but they were not made by the “Chinese government.” Although the government shares the burden of enforcing high-quality regulations, it is those tens of thousands of manufacturers or even those American importers who should be blamed for the lack of quality control and inspection. Also, although the label says “made-in-China,” it is, to a large extent, only assembled in China. In other words, just like those evasive online hackers, unless you catch them blood in hands, who knows where they are from, who they are, and what they are doing for?

Xu Wu is assistant professor of strategic media and public relations at Arizona State University and author of Chinese Cyber Nationalism: Evolution, Characteristics, and Implications.

Comments

Actually, I have to agree with Prof Xu. The Red Hacker Alliance (Chinese Nationalist Hacker Organization) has over 300,000 members and has claimed responsibility for many attacks. The Trojan noted (Grey Pigeon) by security investigators in the UK case, was developed by the Red Hacker Alliance. As a matter of fact, they just released the newest version of Grey Pigeon.

Of course this doesn't mean that the PLA doesn't have a branch involved in cyber operations because they do, they have said so. However, I would say that the events reported in the news and comments made by "experts" are not well founded. My feeling is that these attacks were carried out by the Red Hacker Alliance.

Posted by: Scott | November 14, 2007 at 09:24 PM

Prof. Xu Wu says he is not a computer expert, but that has not stopped him from written an academic book on Chinese "cyber nationalism". He now wants to cast doubt on the reliability of separate reports from no fewer than FOUR different countries, all of which have pointed to Chinese official sources of cyber intrusion and illegal intelligence gathering. He refers to the recent criticism of defective Chinese exports as somehow parallel to the allegations of computer intrusion. Prof. Xu's contorted and very specious logic will surely not convince any but the most naive readers.

Posted by: Thomas Bartlett | September 15, 2007 at 12:35 PM