
Fundamentals of Chinese Information Warfare
LTCOL (RET) William Hagestad II
MSc Security Technologies
MSc Management of Technology
www.red-dragonrising.com
hagestadwt@red-dragonrising.com
Red-DragonRising.com

21st Century Chinese Cyber Warfare

ISBN: 9781849283342


1. Credit where credit is due.
2. Current Cyber News.
3. People's Republic of China Informization
4. Unrestricted Warfare - war without limits
5. Chinese Cyber Threat history
6. Conclusions

Masters of this domain.


Attribution where credit is due.
Dr. James Mulvenon, Vice President, Intelligence Division and Director, Center for Intelligence Research and Analysis, Defense Group, Inc.
Mark Stokes, Executive Director, Project 2049 Institute
Timothy Thomas, LTC US Army RET

Current China Cyber News

Chinese Firewall Maker, Hangzhou DPTech Technologies booted from Microsoft Sharing Program - 3 MAY 2012, SC Magazine
US & the PRC must work to avoid cyber conflict, SECDEF Panetta - 8 MAY 2012, REUTERS
Huawei aims efforts at market leaders Cisco, HP et al. - 10 MAY 2012, Network Computing
PRC-Philippines Hacking War - 10 MAY 2012, Council on Foreign Relations

Current China Cyber News

10 MAY 2012 - Philippines News Agency (PNA), Philippine government's news wire service, defaced by hackers suspected to be from China

Rules of Engagement (ROE)

1) Nothing is what it appears
2) literally means the middle kingdom
3) The People's Liberation Army ( ) controls everything
4) Capitalist economically, communism remains the political bedrock
5) Keep your friends close but enemies closer ~ Sun Tzu
6) Mandarin Chinese an easy language Brilliant Cryptography
7) Kinetic military capability not yet fully developed

Who is China?

The BLUF - Bottom Line Up Front

1. The People's Liberation Army (PLA) is pursuing the means to seize and occupy the information high ground;
2. The rapid development of a comprehensive C4ISR (Command, Control, Computers, Communications, Information, Surveillance & Reconnaissance) infrastructure is a focus of PLA efforts currently underway;
3. PLA is trying to unify disparate information systems to enable coordination between geographically dispersed units in order to attain near total situational awareness of the battlespace while limiting an adversary's ability to do the same;
4. PLA is trying to reach information dominance early and to use it to enable and support other PLA operations throughout a conflict;
5. Tactical level employment of computer network attack (CNA) tools used with sufficient precision can achieve dramatic strategic outcomes with the potential to alter a campaign &, conversely, as the PLA deploys more sophisticated information systems and grows increasingly reliant upon them for successful military operations, it must also protect itself from the same network vulnerabilities as its high-tech adversaries;
6. PLA is augmenting its developing computer network operations (CNO) capabilities by relying on inputs from China's commercial IT industry, academia, and civilian and military research institutions;
7. Huawei, Zhongxing (ZTE), and Datang maintain relationships with the PRC government.

In summary - recent developments in Chinese computer network operations applications & research and development point to a nation fully engaged in leveraging all available resources to create a diverse, technically advanced ability to operate in cyberspace as another means of meeting military and civilian goals for national development.

Computer network operations have assumed a strategic significance for the Chinese leadership that moves beyond solely military applications and is being broadly applied to assist with

Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage, NORTHROP GRUMMAN, March 7, 2012

Chinese Methodology?
Chinese web bots performing reconnaissance, gathering info on web content;
PRC bots so intrusive, servers scanned in order to determine the servers' purpose and functions
Majority of Internet traffic from the People's Republic of China, and included both:
Hits on servers (short pings on new servers); and,
Detailed examination looking for ports or access points

Chinese motivation?
Fear of foreigners.
Self-preservation and,
Hegemony ( )...

A perfect description of the Communist Party of China (CPC)... implied power of the Chinese state subordinates every element of modern Chinese society, including threats by... Falun Gong... Blind Dissidents, disaffected citizens... Regime Change


Information Warfare (IW)
"To achieve victory we must as far as possible make the enemy blind and deaf by sealing his eyes and ears, and drive his commanders to distraction by creating confusion in their minds."
Mao Tse-Tung

Official Statement of Chinese IW
19 JUL 2010 (PLA Daily) - ordered by President Hu Jintao to handle cyber threats as China enters the information age, and to strengthen the nation's cyberinfrastructure

General Staff Directorates (GSD) Cyber Warfare Princelings
General Zhang Qinsheng
General Chen Bingde
General Ma Xiaotian
Vice Admiral Sun Jianguo
Major General Hou Shu sen

(PLA Daily), July 19, 2010; [Online] Available at: http://english.peopledaily.com.cn/200007/21/eng20000721_46068.html

PLA Cyber Tacticians

Major General Hu Xiaofeng, Deputy Director, National Defense University, Department of Information Warfare and Training Command
Professor Meng Xiangqing, National Defense University Institute for Strategic Studies

Goal is to achieve a strategic objective
You have to meet my political conditions or your government will be toppled, or you promise to meet some of my political

, 2009; [Online] Available at: http://www.thedarkvisitor.com/category/uncategorized/


Information Dominance...
Precise attack vectors of

1) planting information mines
2) conducting information reconnaissance
3) changing network data
4) releasing information bombs
5) dumping information garbage
6) disseminating propaganda
7) applying information deception
8) releasing clone information
9) organizing information defense
10) establishing network spy stations

Richard A. Clarke and Robert K. Knake, Cyber War: The Next Threat to National Security and What to Do about It, New York, HarperCollins Publishers 2010, pp. 47-64

8 - Pillars of Chinese Warfare
( 8 Principles of ) "beyond-limits combined war" in Unrestricted Warfare

1) Omnidirectionality
2) Synchrony
3) Limited objectives
4) Unlimited measures
5) Asymmetry
6) Minimal consumption
7) Multidimensional coordination
8) Adjustment and control of the entire process

Unrestricted Warfare, Qiao Liang and Wang Xiangsui, Beijing: PLA Literature and Arts Publishing House, February 1999 (Simplified Mandarin Chinese version)

Tell me more about these Chinese hackers.

- CPC
Codified cyber warfare in 2010
"protect national infrastructure from external cyber threats" - President Hu Jintao
President Hu's successor Xi Jinping.

CPC + PLA x information technology superiority = China's

- PLA
500 BC - Sun-Tzu's Art of War basis
Sun Ping's Military Methods
1995 - Major General Wang Pufeng, founding father of Chinese Information Warfare (IW)
1999 - War Without Limits, PLAAF Senior Colonels Qiao Liang & Wang Xiangsui
2002 - PLA's IW strategy spearheaded by Major General Dai


State Owned Enterprises
China Telecom - owned by the CPC, operated by the PLA
Huawei - owned by former PLA officer, direct links to the PLA however NOT the CPC
ZTE - based in Shenzhen, Guangdong Province
China Petroleum & Chemical Corp
SinoChem
China National Petroleum Corp
China National Pharmaceutical Group

- Hacktivists
Originally supported by CPC & PLA
Now uncontrollable. Golden Shield Project
Reinforce PRC's nationalism via the web
Taiwan, the renegade Chinese Province
Punishing Japan for WWII war crimes
Codera's anti-Chinese web rhetoric

Chinese Perspective.
16 AUG 2011 - People's Tribune Magazine ( ) publishes several articles
Four are very troublesome for the U.S.

"A Sovereign Country Must Have Strong Defense" by Min Dahong, director of the Network & Digital Media Research Office @ China Academy of Social Sciences;
"America's 'Pandora's Box' Cyber Strategy Confuses the World" by Shen Yi - Fudan University's Department of International Politics;
"Cyber Power Shuffles the Cards: How China Can Overtake the Competition" by Tang Lan, Institute of Information and Social

http://www.rmlt.com.cn/qikan/2011-08-16/

13+ Years Chinese Cyber Activity

1995 - Major General Wang Pufeng describes attacking via Internet
1997 - Major General Wang Baocun's 10 Features of Chinese InfoWar
1997 - War Beyond Limits (Unrestricted Warfare) is written by 2 Senior Chinese Colonels
May 03, 2001 - China warns of massive hack attacks
2002 - informatization campaign begins: Chinese Communist Party (CCP) General Secretary and Central Military Commission (CMC) Chairman Jiang Zemin, a speech before the 16th Party Congress
2003 - Titan Rain: US DoD & Government websites targeted
2004 - Japan targeted by Chinese over disputed Diaoyu Islands
2007 - GhostNet: Global CnC network with IP addresses in People's Republic of China
2008 - Byzantine Hades: targeted cyber operations against the U.S. government using social engineering and malicious attachments and links in e-mail messages.
2008 - MI5 writes to more than 300 senior executives at banks, accountants and legal firms warning them - the Chinese army is using Internet spyware to steal confidential information
2009 - Operation Aurora: International Energy Industry targeted
2009 - Night Dragon: Global multinationals attacked via Internet
2010 - Article - Should we be afraid of Chinese hackers?...Or lost cyber war?
2011 - US needs to get better at preventing foreign access to advanced technology - GAO watchdogs find holes in high-tech access, licensing rules
2011 - Chinese military CCTV-7 demonstrates GUI Hacking of University of Alabama
2011 - Office of the National Counterintelligence Executive (ONCIX) Report indicates both China & Russia target corporate intellectual property
2011 - Operation Shady RAT: FIVE year campaign of economic & intelligence data exfiltration
2012 - Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage, NORTHROP GRUMMAN, March 7, 2012
2012 - Chinese Technology Policy & Cyber Offensive Operations - April
2012 - China & Philippines engage in mutual cyber attacks over Scarborough Shoals - April

Conclusions
1) Hegemony drives use of information warfare in the cyber realm;
2) Cyber-warfare is state sponsored; yet direct attribution is an illusion.
3) People's Liberation Army plans cyber-warfare defensively & offensively;
4) Cultural, economic, historical & linguistic thread drives Chinese cyber-warfare;
5) The CPC, although advocating citizen hacking, can no longer control it;
6) Commercial enterprises worldwide are permeable to Chinese cyber hacking in all its forms & methods - Nortel Case Study;
7) Chinese written malware, RATs, Botnets are undiscoverable.
8) Mandarin Chinese (complex and simple) is an exceptional form of cryptography - not to mention Classical / Literary Chinese.
9) All commercial IPS are ineffective against Chinese based attacks;
10) People's Republic of China cyber-warfare threat is serious & will only become much worse...
11) Diplomatic initiatives with a show of U.S. military force in ASIA PAC - only option?

Short & Long Term Moves
Short & Long Term Focus on addressing high risks of the Chinese Cyber Threat

BS = Business Strategy
CS = Corporate Strategy
IS = Innovation Strategy
GS = Government Strategy

Strategy/Move: BS, CS, IS & GS - Define specific Economic Targets
Who: US Dept of Commerce International Undersecretary
What/Why: What are most likely targets of economic espionage
How: Work with commercial industry to assist defining possible loss of business if they lost their intellectual property to China
When: Immediately, then quarterly
Cost: Minimal

Strategy/Move: BS, CS & GS - Educate employees about possibility of data exfiltration
Who: Business & Corporate leadership, Chief Security Officers
What/Why: Awareness of persistent threat of economical cyber war
How: Design educational awareness programs to address identifying, reporting and mitigating foreign information exfiltration threats
When: Immediately, then monthly
Cost: Nominal

Strategy/Move: BS, CS & IS - Create a universal defense-in-depth policy
Who: ICW security software & hardware manufacturers
What/Why: Protect critical infrastructure against Chinese Cyber Threats
How: Design a defense-in-depth standard that protects Critical Economic & National Infrastructure
When: Immediately, then ongoing
Cost: Nominal to very expensive

References
1) Cyber Silhouettes: Shadows Over Information Operations, Timothy Thomas, Foreign Military Studies Office (FMSO), Fort Leavenworth, Kansas
2) Decoding the Virtual Dragon, Timothy Thomas, Foreign Military Studies Office (FMSO), Fort Leavenworth, Kansas
3) The Chinese People's Liberation Army Signals Intelligence and Cyber Reconnaissance Infrastructure, Mark A. Stokes, Jenny Lin and L.C. Russell Hsiao, Project 2049 Institute

21st Century Chinese Cyber Warfare
Available: ISBN 9781849283342