Taiwan says it faces 5 mn cyberattacks daily: A look at China’s cyber capabilities, what it means for India
By employing cyberwarfare during a military conflict, China has permanently changed the long-established rules of border conflicts with India
A recent Pentagon report on China's increased military capacities that singled out Beijing's growing cyber capabilities as a destabilising factor in the Asia Pacific has left the West wringing its hands.
Meanwhile, three things are happening simultaneously that can impact the fragile peace in the neighbourhood.
- Taiwan has revealed that it has been facing around five million cyber-attacks and probes each day.
- India has seen a 261 percent annual increase in Chinese-backed cyber attacks, as of August 2021.
- China has been deflecting the blame by accusing India of a failed hacking attempt, unleashing a vitriolic attack via its State-owned newspaper.
All these developments combined have brought back focus on how nuclear-powered China is shoring up its capacity to not only win a traditional war but has also been sharpening its arsenal of asymmetric warfare.
What's happening in Taiwan?
Taiwan, the island nation that has steadfastly defended its independence when other 'autonomous' states seemed to have folded under pressure, has accused Beijing of ramping up cyberattacks since the 2016 election of President Tsai Ing-wen, who views the island as a sovereign nation.
Speaking in parliament, cyber security department director Chien Hung-wei said Taiwan's government network faces "five million attacks and scans a day". A scan in cyber security refers to an attempt to locate weaknesses in a server. "We are strengthening the government's defensive measures and collecting relevant data for analysis in a bid to stop the attacks when they are initiated," Chien told lawmakers.
The ministry's information security and protection centre detected and handled around 1.4 billion "anomalies" from 2019 to August 2021 to prevent potential hacking, according to the report.
Last year, Taiwanese authorities said Chinese hackers infiltrated at least 10 Taiwan government agencies and gained access to around 6,000 email accounts in an attempt to steal data.
Beijing views democratic Taiwan as part of its own territory and has vowed to one day seize the island, by force if necessary.
China's cyber-warfare capacity
The Chinese cyberwarfare department’s multiple agencies and individuals are at least a decade ahead of us in seriously working towards the overall objective of instantly disrupting or at least weakening the adversary’s computer networks so as to paralyse their decision-making capability at the very commencement of hostilities.
This means that the country can hack into defence servers, stealing or sabotaging available intel; it can also very well access public services, disrupting day to day life and ensuring chaos in the targetted territory to impact governments' ability to respond to border transgressions as it combats deliberately created domestic crises.
In a paper titled China’s Cyber Warfare Capability and India’s Concerns, published in the Journal of Defence Studies, the author reports that the Chinese are already training their military personnel in Information Warfare. China's PLA Science and Engineering University have dedicated courses for the same and it serves as a centre for defence-related scientific, technological, and military equipment research. The university also provides advanced information warfare and networking training.
Revealing grim details about the inner architecture of their cyber warfare department, the paper states that China has dedicated information warfare militia units in place.
One unit, referred to as the 4th department of General Staff Department of People's Liberation Army, is responsible for identifying and launching offensive missions for both computer network attack (CNA) and Electronic Warfare (EW). Another unit, called the 3rd department of GSD, intelligence-gathering responsibilities which include snooping, industrial espionage, intellectual property theft etc.
Is the threat real?
Yes. Media reports and past evidence already exist that point out that key Indian IT infrastructure has been a target of Chinese hackers.
The paper cited above lists a few dating as far back as 2009:
On 19 January, 2010, MK Narayanan, the then National Security Advisor of India, in an interview with Time magazine, revealed that his office and other government departments were targeted on 15 December, 2009, the same date on which Google reported sophisticated cyber attacks from China. A Trojan virus that allows a hacker to access a computer remotely and download or delete files was embedded in an e-mail PDF attachment. The virus was detected and officials were told not to log on until it was eliminated.
It was suspected to be of Chinese origin though China, of course, denied any role in such an attack on Indian systems.
There have also been other instances of cyber attacks in the past, on the sites/computers of the ministry of external affairs (MEA), ministry of home affairs (MHA), and ministry of defence (MoD) by unknown hackers.
Besides the above, a US-based cybersecurity company Recorded Future in June 2021 revealed details of a sophisticated cyber campaign by Chinese agents, which it said was a clear retribution for the military flare up at LAC during last summer.
Targets included electric power organisations, seaports, railways, police servers, Bennett and Coleman media group, and the Unique Identification Authority of India, or UIDAI — the government agency that oversees the Aadhaar database.
The US-based firm said that it detected about 10 megabytes of data downloaded from the UIDAI network and almost 30 megabytes uploaded “possibly indicating the deployment of additional malicious tooling from the attacker infrastructure.” It suggested such a database could be used by hackers to identify “high-value targets, such as government officials, enabling social engineering attacks or enriching other data sources.”
UIDAI denied the attack saying that it had no knowledge of a “breach of the nature described", however, Bennett and Coleman accepted the existence of the threat, adding that it also received information on the suspected hack from CERT-In, the government agency that deals with cybersecurity threats.
What does this mean for regional peace and security?
Chinese authorities have consistently denied any form of State-sponsored hacking and said China itself is a major target of cyberattacks. However, by employing cyberwarfare during a military conflict, China has permanently changed the long-established rules of border conflicts.
India and China, had, by and large, adhered to the strict code of not firing a bullet at the LAC since the 1962 war (barring a single exception during Ladakh standoff in 2020)
But, by attacking Indian servers instead, China has set a precedent for the future.
It is true that China had successfully made similar transgressions against other nation states like Taiwan and US. But the context of the Indian attack and even the choice of targets add a sinister undertone for the already fragile regional peace. India can argue that the Chinese attackers deliberately chose to strike civilian infrastructure rather than targeting military servers.
An article in The Diplomat argued that what sets the Indian hack apart from prior cyber operations is the intended effect of the operation: Prior signalling cyber operations were acts of digital vandalism, yet in this case, the campaign aimed to have a destructive, or at least disruptive, impact in the physical domain.
"This set of events indicates that China is now willing to reset the rules of the cyber game in the Indo-Pacific. Such a reset has the potential to increase confrontation in the Sino-Indian conflict and thereby impact conventional regional security balances. By conducting such disruptive cyberattacks, China has now escalated the conflict closer to a national-level military conflict, away from the initial narrow geographical focus on the border region, the article states.
How do Chinese cyber powers stack up against India and the world?
Unlike the US, the Indian government does not put in the public domain periodic threat assessment reports so we have to rely on international assessments to gauge how India's defence system compares to the Chinese. Recently, researchers from the International Institute for Strategic Studies (IISS) put India among third-tier countries on a spectrum of cyber warfare capabilities whereas China was ranked in the second tier.
The US was the only country that made it to the top tier.
The study also highlighted that China’s cyber power is at least a decade behind the US.
According to the IISS, China and Russia have proven expertise in offensive cyber operations like conducting online spying, intellectual property theft and disinformation campaigns against the US and its allies. However, both countries were held back by "comparatively loose cybersecurity compared with their competitors."
However, not all accounts of US cybercapabilites are as flattering as above. According to US' own account, Chinese hackers have been able to breach its security firewalls in the past.
In April 2020, the US Treasury, Department of Homeland Security, State Department, and Department of Defense were compromised in the SolarWinds hack. Hackers were able to spy on the digital activities of staff and access some of their emails, as per Business Insider.
On 19 July, 2021, the White House released a statement attributing recent Microsoft Exchange server exploitation activity to the Chinese Ministry of State Security (MSS). These activities resulted in the theft of trade secrets, intellectual property, and other high-value information from companies and organizations in the United States and abroad, as well as from multiple foreign governments.
Another rather embarrassing scoop on US cyber defence capabilities was handed over to the media by a former Pentagon official. Nicolas Chaillan, who was appointed as the first chief software officer US Air Force, resigned last month, publicy castigating the world superpower for its alleged lethargic attitude in diverting money and resources to shore up defence.
His job was to equip US Air Force and the Pentagon with the most secure and advanced software available but he quit frustrated because he was "just tired of continuously chasing support and money" to do his job.
In a departing post on LinkedIn, he said he resigned from his post "because it isn’t worth fighting the entire bureaucracy of the Department of Defense just to get some basic information technology issues fixed."
In a later interview with The Financial Times, he said China was far ahead of the US.
"We have no competing fighting chance against China in fifteen to twenty years. Right now, it's already a done deal; it is already over in my opinion," said the former chief of software for US Air Force. Chaillan went on to say that the AI capabilities and cyber defenses of some government departments were at "kindergarten level,"
In contrast, Chaillan said that private cyber and AI companies were at Beijing's beck and call. China is aiming to become the leading AI superpower by 2030, and a March report from the National Security Commission on Artificial Intelligence said the US was "not prepared to defend the United States in the coming artificial intelligence (AI) era."
Comments