[Infowarrior] - China Alarmed by Security Threat From Internet
Richard Forno
rforno at infowarrior.org
Fri Feb 12 13:30:05 UTC 2010
February 12, 2010
China Alarmed by Security Threat From Internet
By SHARON LaFRANIERE and JONATHAN ANSFIELD
http://www.nytimes.com/2010/02/12/world/asia/12cyberchina.html?hp=&pagewanted=print
BEIJING — Deep inside a Chinese military engineering institute in
September 2008, a researcher took a break from his duties and decided
— against official policy — to check his private e-mail messages.
Among the new arrivals was an electronic holiday greeting card that
purported to be from a state defense office.
The researcher clicked on the card to open it. Within minutes,
secretly implanted computer code enabled an unnamed foreign
intelligence agency to tap into the databases of the institute in the
city of Luoyang in central China and spirit away top-secret
information on Chinese submarines.
So reported Global Times, a Communist Party-backed newspaper with a
nationalist bent, in a little-noticed December article. The paper
described the episode as “a major security breach” and quoted one
government official who complained that such attacks were “ubiquitous”
in China.
The information could not be independently confirmed, and such leaks
in the Chinese news media often serve the propaganda or lobbying goals
of government officials.
Nonetheless, the story is one sign that while much of the rest of the
world frets about Chinese cyberspying abroad, China is increasingly
alarmed about the threat that the Internet poses to its security and
political stability.
In the view of both political analysts and technology experts here and
in the United States, China’s attempts to tighten its grip on Internet
use are driven in part by the conviction that the West — and
particularly the United States — is wielding communications
innovations from malware to Twitter to weaken it militarily and to
stir dissent internally.
“The United States has already done it, many times,” said Song
Xiaojun, one of the authors of “Unhappy China,” a 2009 book advocating
a muscular Chinese foreign policy, which the party’s propaganda
department is said to promote. He cited the so-called color
revolutions in Ukraine and Georgia as examples. “It is not really
regime change, directly,” he said. “It is more like they use the
Internet to sow chaos.”
State media have vented those concerns more vociferously since
Secretary of State Hillary Rodham Clinton last month criticized China
for censorship and called for an investigation of Google’s assertion
that its databases had been the target of a sophisticated attack from
China. “China wants to make clear that it too is under serious attack
from spies on the Internet,” said Cheng Gang, author of the Global
Times article.
Despite China’s robust technological abilities, its cyberdefenses are
almost certainly more porous than those of the United States, American
experts say. To cite one glaring example, even Chinese government
computers are frequently equipped with pirated software from
Microsoft, they say. That means many users miss out on security
upgrades, available to paying users, that fix security breaches
exploited by hackers.
Cybersecurity is a growing concern for most governments. While the
United States probably has tighter defenses than China, for example,
experts say it relies more heavily on computers to run its
infrastructure and so is more vulnerable to an attack.
But for China, worries about how foreign forces might employ the
Internet and other communications advances to unseat the Communist
Party are a salient factor in the government’s 15-year effort to
control those technologies. Chinese leaders are constantly trying to
balance the economic and social benefits of online freedoms and open
communications against the desire to preserve social stability and
prevent organized political opposition.
A distinct shift in favor of more comprehensive controls began nearly
two years ago and hardened over the past six months, analysts say.
New policies are intended to replace foreign hardware and software
with homegrown systems that can be more easily controlled and
protected. Officials are also expanding the reach and resources of
state-controlled media outlets so they dominate Chinese cyberspace
with their blogs, videos and news. At the same time, the government is
beefing up its security apparatus. Officials have justified stronger
measures by citing various internal threats that they say escalated
online. Among them: the March 2008 riots in the Tibetan capital,
Lhasa; reported attempts to disrupt the August 2008 Olympic Games and
the amassing of more than 10,000 signatures supporting a petition for
human rights and democratic freedoms, an example of how democracy
advocates could organize online.
Especially alarming to officials, analysts say, was the role of the
Internet in ethnic riots last July that left nearly 200 people dead
and more than 1,700 injured — the worst ethnic violence in recent
Chinese history. Government reports asserted that terrorists,
separatists and religious extremists from within and outside the
country used the Internet to recruit Uighur youth to travel to Urumqi,
the capital of western China’s Xinjiang region, to attack ethnic Han
citizens.
In August, security and propaganda officials briefed China’s ruling
Politburo on their view of how the Xinjiang riots developed, according
to one media executive with high-level government ties. The executive
spoke on the condition of anonymity for fear of retribution for
discussing delicate political topics.
China’s leaders also reviewed how Iranian antigovernment activists
used Twitter and other new communication tools to organize large
street demonstrations against President Mahmoud Ahmadinejad over the
summer. He said Chinese leaders saw the Iranian protests as an example
of how the United States could use the new forms of online
communication in a fashion that could one day be turned against China.
“How did the unrest after the Iranian elections come about?” People’s
Daily, the Communist Party’s official newspaper, asked in a Jan. 24
editorial. “It was because online warfare launched by America, via
YouTube video and Twitter micro-blogging, spread rumors, created
splits, stirred up and sowed discord.”
Since the unrest in Iran and Xinjiang, Chinese leaders accelerated a
raft of new initiatives, including closing thousands of Web sites,
tightening censorship of text messages for lewd or “unhealthy” content
and planning to converge China’s Internet, phone and state television
networks. They are also carefully cultivating homegrown alternatives
to foreign computer technologies and foreign-based Web sites like
YouTube, Facebook and Twitter, all of which Chinese censors now block.
The government says it needs the new controls to fight pornography,
piracy and other illegal activity.
In November, nearly 300 government officials and technicians gathered
in Beijing for a seminar that stressed China’s vulnerability in
cyberspace.
“It is a long-existing reality that the West is stronger than us in
terms of information security,” said the seminar training manual,
posted on the Web site of the Ministry of Public Security.
“Most of the key technology and products in the information security
sphere are held in the hands of Western countries, which leaves
China’s important information systems exposed to a bigger chance of
being attacked and controlled by hostile forces,” the manual said.
The risks of dependence on foreign-made software became clear in 2008
after Microsoft deployed a new antipiracy program aimed at detecting
and discouraging unauthorized users of its Windows operating system.
In China, where an estimated four-fifths of computer software is
pirated, the program caused millions of computer screens to go dark
every hour and led to a public outcry.
New government procurement rules require state buyers to give
preference to Chinese-made computers and communication products, among
other supplies and services. But James Mulvenon, director of the
Center for Intelligence Research and Analysis, a Washington-based
consulting firm, said such orders were typically ignored.
James A. Lewis, director of the Center for Strategic and International
Studies, a Washington-based research group, said China was caught
between contradictory goals. The authorities want to keep using
superior Western software so they can engage in espionage and defend
themselves against foreign infiltration. “But at the same time they
want to use indigenous software, which is not up to par,” he said.
But China is pushing hard to catch up. Mr. Mulvenon describes China as
“absolutely the world leader” in development of Internet Protocol
Version 6 (IPv6) — the successor to the current Internet.
Some suggest China aims to develop a more autonomous system equipped
with stronger firewalls and filters. China’s leaders “have always had
the ambition to develop the capability of one big domestic Intranet
that they could manage more easily, if need be,” one Communist Party
newspaper editor said. But others suggest China is merely trying, like
other nations, to respond to the reality that the existing IPv4 global
Internet, in which the United States commands a disproportionate share
of addresses, will soon run out of space.
The clearest evidence of China’s determination to wield greater
control was the virtual communications blackout imposed over Xinjiang
for six months after the July riots. Nineteen million residents in a
region more than twice as big as Texas were deprived of text-messaging
service, international phone calls and Internet access to all but a
few government-controlled Web sites. The damage to tourism and
business, not to mention the disruption to everyday life, was
significant.
Hu Yong, a Beijing-based media expert, said the government was no
longer as worried as it once was about the economic impact of
electronic communication controls.
“Now that is more secondary to their concerns about political and
social stability,” he said.
John Markoff contributed reporting from San Francisco, and Zhang Jing
and Xiyun Yang contributed research from Beijing.
More information about the Infowarrior
mailing list