TAIPEI — Despite allegations by Edward Snowden that the US intelligence community has created an Orwellian nightmare capable of penetrating Chinese computers with ease, there is still plenty to fear from Chinese cyberattacks.
China divides cyber into two target areas: political and military, said Jun Isomura, a senior fellow at the Hudson Institute, a Washington think tank. On the political side, China’s cyber efforts focus on the White House, State Department, Energy Department and the Office of the US Trade Representative, among others.
Military targets include the entire US defense community, including US intelligence and the defense industry. Law firms contracted with major US defense contractors and the Pentagon are “quite vulnerable,” he said.
The People’s Liberation Army has the US military and government network “well pinged,” Isomura said. “They know where they should attack. And they know both classified and unclassified networks well.”
Disrupting the Pentagon’s unclassified Non-secure Internet Protocol Router Network (NIPRNET) could slow the response time of the US military during a crisis. Larry Wortzel, a commissioner of the congressionally appointed US-China Economic and Security Review Commission, said NIPRNET carries vital logistical, personnel and unit movement data.
Another area of focus would be command and control nodes and assets, said Derek Reveron, a national security affairs professor at the US Naval War College. Reveron, who wrote the book “Cyberspace and National Security,” said he is skeptical the US would “wage war with its second largest trading partner and significant holder of US Treasury notes.”
US command and control networks, such as Pacific Command, North American Aerospace Defense Command and “militarily critical infrastructure would be difficult to bring down,” said Mark Stokes, a China military specialist at the Project 2049 Institute, Arlington, Va.
China’s cyber capabilities will form part of its “larger deterrent posture and [help] continue its cyber espionage campaign,” Reveron said. He noted that even in a limited conflict, “all US adversaries attempt to target command and control nodes and assets.”
Attacking Chinese military networks would be difficult, Isomura said. The reason is obvious to anyone who has traveled to China: the often maddening effort just to get on the Internet.
China’s network is “well protected with the world’s best filtering system, called the Great Fire Wall,” Isomura said. It covers all four areas of Internet transactions: political, conflict/security, Internet tools and social.
Even with Snowden’s revelations and China’s attempt to turn the tables and complain of US cyber intrusions, both sides should attempt to use multilateral institutions to degrade the chances of a cyberwar and to reduce cyber espionage and crime, he said.
Creating a new all-powerful global institution will not work. Cyber issues are “very complicated, being related to national security, espionage, cyber crime and intellectual property,” said Noboru Nakatani, executive director of the Interpol Global Complex for Innovation.
“It is not suitable to establish a ‘superagency’ overseeing all of the issues related to the Internet,” he said.
Nakatani said the US and even China should “optimize the existing organizations,” such as the Internet Corporation for Assigned Names and Numbers, the International Telecommunication Union, the World Intellectual Property Organization and Interpol, to reduce tensions and facilitate cooperation.
While not “universally accepted,” Nakatani said the three pillars of the 2001 Budapest Convention on Cybercrime “should be fine-tuned and implemented nationally, regardless of a country’s accession status.”
These three pillars include coordinating the domestic criminal substantive law elements of offenses and connected provisions in cyber crime; providing for domestic criminal procedural law powers necessary for investigation and prosecution; and setting up a fast and effective regime of international cooperation.