The Pentagon has come out and said it: “China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs.”
With the release of its annual report to Congress about the military and security developments involving the People’s Republic of China, they have publicly and officially stated that which the White House has previously failed to do.
Still, there can be no doubt that this move was approved by the Obama administration, and should be considered just a roundabout, less forceful way of finally pointing the finger in China’s direction.
“In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military. These intrusions were focused on exfiltrating information,” it is claimed in the report
“The information targeted could potentially be used to benefit China’s defense industry, high technology industries, policymaker interest in US leadership thinking on key China issues, and military planners building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis. Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks.”
The Pentagon says that developing cyber capabilities for warfare is consistent with authoritative PLA military writings, and that China considers information warfare essential to “achieving information superiority and an effective means for countering a stronger foe.” But what really seems to bother them is that these documents don’t identify “the specific criteria for employing computer network attack against an adversary.”
The report goes on to say that they believe the Chinese are investing much more than it is officially stated in the development of measures to deter or counter third-party intervention, and the U.S. worries that their reach in the Pacific would be curtailed.
Finally, they pointed out that China is also hard at work when it comes to diplomatic engagement and advocacy in international forums discussing cyber issues.
“Beijing’s agenda is frequently in line with Russia’s efforts to promote more international control over cyber activities. China and Russia continue to promote an Information Security Code of Conduct that would have governments exercise sovereign authority over the flow of information and control of content in cyberspace,” they say. “Both governments also continue to play a disruptive role in multilateral efforts to establish transparency and confidence-building measures in international fora such as the Organization for Security and Cooperation in Europe (OSCE), ASEAN Regional Forum, and the UN Group of Governmental Experts.”
Chinese foreign ministry spokeswoman Hua Chunying has stated that the report was “making irresponsible comments about China’s legitimate and normal defence-building and hyping up the so-called idea of a China military threat,” and that “this behavior is not conducive to mutual trust or cooperation.”