Should conflict occur, China's cyberwar plans target the US, and today's Chinese joint ventures with US manufacturers in hardware, software and telecommunications create a "potential vector" for the People's Liberation Army (PLA) to exploit and compromise, says a report from the US-China Economic and Security Review Commission sent to Capitol Hill today.
The report, "Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage," was researched under a mandate from Congress, which formed the external Washington, DC-based US-China Economic and Security Review Commission to undertake ongoing research about relations between the two countries. The report, written by information security analysts from Northrop Grumman, says that leaders in the Chinese People's Liberation Army (PLA) "have embraced the idea that successful warfighting is predicated on the ability to exert control over an adversary's information and information systems, often preemptively."
The report claims China is actively planning out how it could attack US military operations. The report also notes that at least 50 civilian universities in China are receiving funding aimed at developing cyberwar capabilities for the military under at least five established national grant programs.
A cyberstrike could occur in advance of any physical military confrontation, the report states. "Chinese commanders may elect to use deep access to critical US networks carrying logistics and command and control data to collect highly valuable real-time intelligence or to corrupt the data without destroying the networks or hardware."
The report says evidence it has compiled, mainly from PLA, Chinese government and non-proprietary sources, shows that China does want to be prepared to launch a cyberwar strike on the US in the event of a conflict. The report goes on to claim that joint venture relationships between Chinese and non-Chinese hardware, software and telecom providers represent a "risk" from the US point of view.
"potential for illicit access to sensitive network data" is high
The report notes that possible tampering could occur in hardware such as routers and switches from China. And it states, "Deliberate modifications of semiconductors upstream of final product assembly and delivery could have subtle or catastrophic effects. An adversary with the capability to gain covert access and monitoring of sensitive systems could degrade a system's mission effectiveness, insert false information or instructions to cause premature failure or complete remote control or destruction of the targeted system."
Collaboration between US and Chinese information security firms, according to the report, "has raised concerns over the potential for illicit access to sensitive network vulnerability data at a time when the volume of reporting about Chinese computer network exploitation activities directed against US commercial and government entities remains steady."
The report takes a dim view of partnerships between "US or other Western information security firms and Chinese IT and high-tech firms," saying there are risks "primarily related to the loss of intellectual property and erosion of long-term competitiveness, the same threats faced by many US companies in other sectors entering partnerships in China."
The report singles out the joint venture between Huawei Shenzhen Technology Company Ltd. and Symantec, under which for almost four years Symantec shared its security and storage technologies with Huawei to include in its telecom equipment. Symantec CEO Enrique Salem announced the joint venture had ended in November 2011, saying the two companies had decided it would be best to consolidate the venture under one owner. Huawei, which bought out Symantec for $530 million, still licenses Symantec's technologies.
"Partnering with an American or other Western anti-virus vendor does not necessarily allow the Chinese partner to obtain signature data earlier than legitimate participation in industry consortia such as the Microsoft Virus Information Alliance, but it may provide the Chinese partner with deeper access to US markets over the long term," the report said.
Huawei has been blocked by the US Dept of Commerce
Huawei is the large China-based telecom equipment and service provider that has been seeking to expand its business in the US over the past few years, even as the atmosphere has grown more tense, with several US companies, including Google, speaking of cyber-espionage carried out through what appeared to be attacks out of China.
Without official explanation, Huawei has found itself blocked by the US Department of Commerce from participating in a US project to build a wireless network for emergency personnel, police and firefighters. In addition, Huawei has found itself struggling with its involvement with Iran, where it has sold network gear, but recently said it would no longer supply Iran after its contracts there end.
Neither Symantec nor Huawei had immediate comment regarding the report. However, William Plummer, vice president of external communications at Huawei, who spoke with Network World last week about these topics, says assertions made in a Wall Street Journal story late last year that Huawei was helping Iran conduct cyber-surveillance against its citizens, especially dissidents, simply aren't true.
Plummer said Huawei's telecom equipment does have the equivalent of a backdoor for government use, but it is the same kind that is mandated in equipment by the US under the Communications Assistance for Law Enforcement (CALEA) laws in the US. This kind of interface is there for governments around the world, he notes.
"Every government on this planet has a shared concern about security," Plummer said. He said Huawei, which did $32 billion in business last year, is not part of the Chinese government, although its founder, Ren Zhengfei, is an ex-Army officer in the PLA. However, a number of US lawmakers are pushing to investigate Huawei and its ties to Iran, especially as concerns the WSJ's allegations of tracking of wireless mobile use in Iran.
In general, cyber-espionage is a fact of life today, Plummer acknowledged. Based on his own experience in the US foreign service, he noted, "I believe there's hacking of all sorts" by Russia, China and the US.