
China Youth Daily: Fight a Cyber War: How?

[Editor’s Note: A scholar from the PLA Academy of Military Sciences wrote an article for China Youth Daily in which he gave a detailed description of various forms of cyber warfare: cyber intelligence, network obstruction and paralyzing, cyber defense, network psychology, and integrated network and electronic warfare. The entire article is translated below.] [1]

Like many other advanced technologies, the Internet is a double-edged sword. Born in the 1960s in a U.S. Army laboratory, it is one of the greatest inventions of mankind in the past half-century. Ironically, the U.S., the birthplace of the Internet, has become a target of cyber attacks launched by hackers from all over the world.

The U.S. Government issued a report on May 17, 2011, titled “International Strategy for Cyberspace.” [2] The report, for the first time, clearly formulated the U.S.’s overall international policy on cyberspace. According to the report, the U.S. has raised the importance of cyber security to the same level as economic security and military security, and the U.S. threatened that it would not hesitate to use the armed forces to protect cyberspace. In an extraordinary way, the report shows just how much importance the U.S. attaches to cyber warfare.

In recent years, a “tornado” of cyber wars has been sweeping the world. The “Suter” attack, the “Stuxnet” virus, “WikiLeaks,” and “Revolutions in the Middle East and North Africa” all arrived one after another and stunned the population of the world. The U.S. has been the hidden culprit behind all of these attacks. Facing cyber warfare that is still in its beginning stage, every country is worried about falling behind and is accelerating the pace and expanding its efforts to prepare for cyber warfare.

Cyber warfare is different from the traditional warfare of the past, which featured gunfire and flying shells; cyber warfare is a completely silent and brand new type of warfare. It is not only active in war and all kinds of conflicts, but also flits in and out of political, economic, military, cultural, technological, and other everyday activities. However, although cyber warfare is a military means with great deterrent and destructive power, it is still half-hidden and unclear to most people. Revealing the mysteries of cyber warfare, we see that it can be broadly categorized into five combat patterns: cyber intelligence, network obstruction and paralysis, cyber defense, network psychology, and integrated network and electronic warfare.

Cyber Intelligence – “Cyber Soldiers” Hunting for Valuable Information Using Viruses, Trojans, Hacker Software, etc.

When it comes to the term “intelligence operations,” people think of spies, secret agents, “James Bond 007,” and so on. Cyber intelligence operations do not seem as thrilling; they are silent and invisible fights, with the “cyber soldiers” using viruses, Trojans, hacking software, and other tactics to obtain all kinds of valuable information. They are fights with both sides hidden behind computer monitors and, in peaceful times, they are an important part of cyber warfare.

Because the military intelligence obtained on the Internet can be high in volume, have high-level confidentiality, exist in real-time, and be low in cost, nowadays intelligence surveillance activities on the Internet are everywhere and are very hard to detect. When you browse the web or chat with friends online, you may unknowingly be firmly “locked” and “targeted” by “cyber spies.”

This past May, the world’s top weapons supplier, Lockheed Martin, and several other U.S. military and defense companies were hacked, even though these companies had all adopted advanced information security technologies and strict management measures. Regarding Lockheed Martin, unidentified users were able to get a copy of the authentication token only used internally and were able to get into Lockheed Martin’s network. The company’s network contained a great deal of sensitive information including future weapons development information, secret military technology, and intelligence information the U.S. is using today in Afghanistan and Iraq.

According to another report, in 2010, the social security numbers and personal information of more than 100,000 U.S. navy officers, soldiers, marine pilots, and crew were hacked and revealed on the Internet. Within several months, the information was viewed and downloaded tens of thousands of times. It caused a great deal of panic in the army and it took the navy until the end of June to figure it out and take the information off the web.

According to the statistics of the U.S. intelligence agency, 80% of the information the hacker obtained was from public information, of which nearly half was from the Internet. With the U.S. taking the lead, the intelligence agencies in different countries around the world have used a variety of Internet tactics to hack and attack targeted sites to gain vital intelligence information.

Network Obstruction and Paralysis – Using “Swarm” Tactics and Severe Viruses to Paralyze the Targeted Network

In today’s information era, the Internet is like a nervous system – it is present everywhere, it is a hub and it controls everything. Once paralyzed, the consequences could be disastrous. Combat aimed at paralyzing the targeted network by attacking its weaknesses has thus become extremely effective.

Network obstruction and paralysis mainly aims to attack the main paths and key nodes of the network. For such a small investment, it is highly effective. Foreign militaries commonly target the gateways and key nodes, and then make use of botnets and attack with “swarm” tactics or use destructive viruses to attack certain key nodes. They both will paralyze the entire network.

The “botnet” technique involves injecting a malicious program into a large number of computers. In this way one is able to control a relatively large number of dedicated computers on the network and send commands to these computers to attack the network. In 2007 and 2008, Russia successfully used such tactics to attack Estonia and Georgia.

On August 8, 2008, as the Russian military crossed the Georgian border, cyber combat using network obstruction and paralysis was launched with “swarm” style attacks. This paralyzed the Internet sites of Georgia’s television media, financial and transport systems, and other important sites. Georgia’s government agencies were in chaos; the networks for the airports, logistics, and communications all collapsed, and the much-needed war materials could not be transported to the specified locations. This had a direct impact on Georgia’s social order, military command and dispatching, and Georgia’s combat power was severely weakened. This demonstrated the great future of network combat. During the attacks, any Russian Internet user could download the hacking software from the Internet. After installation, they could just click on the “Start Attack” button to join the “swarm” attack. Russia really fought a veritable “People’s Cyber War.”

Today, there are enormous numbers of computer viruses and they have spread all over. Some viruses have also become trump cards in cyber warfare. The classic example often referred to involved the U.S. Before the Gulf war, the U.S. put virus chips in the printers of the air defense weapon systems that were exported to Iraq. During the war, they were remotely activated, causing Iraq to lose control of its air defense system, and Iraq ended up losing the war.

It is worth noting that these cyber attacks are moving from targeting software to targeting hardware. For example, how to stop or delay Iran’s nuclear development has become a headache for the U.S., Israel, and some other countries. In July 2010, it was suspected that Israel used the “Stuxnet” virus to attack Siemens industrial control systems, which Iran uses for its nuclear power plants. At least 30,000 computers were infected and 1/5 of the centrifuges were out, delaying the development of its nuclear program by two years. The “Stuxnet” virus is so far the first and only publicly reported virus to target industrial control systems. It is an indication that cyber warfare has entered a new phase—the destruction of hardware. It also shows that, worldwide, cyber security has entered an “era where safeguarding national infrastructure is a real priority.” This specific attack is a warning that mere physical isolation of the dedicated local area network is no longer a guarantee that it will be completely safe; a dedicated software system may also be attacked.

Cyber Defense – Proactive Defense Combined with In-depth Defense to Avoid Disclosure of Secret Information

Where there is an opportunity to attack, there is an opportunity for defense. This is a confrontational process in which “while the priest climbs one post, the devil climbs ten.” In this era of cyber warfare, protecting their own information infrastructures and information systems from network attacks is an important focus for many countries.

For many nations, increased capacity in cyberspace operations; setting up a defense system that includes security evaluation, monitoring and early warning, intrusion prevention; and an emergency recovery system are important prerequisites for gaining the upper hand in cyber combat. This strategy will combine a proactive defense with in-depth defense, prevent secret information from being disclosed on the Internet, and especially prevent hackers and intelligence agencies from other countries from attacking one’s own websites.

U.S. Navy intelligence experts have told the media that a soldier’s job-related photo online may reveal a great deal of internal intelligence relating to top-secret U.S. military equipment and military installations, information that foreign intelligence agencies only dream about acquiring. Experience often comes from lessons learned. Since 2002, the military has monitored the personal web pages of a number of active-duty U.S. soldiers and National Guard soldiers. Since the 2003 Iraq war began, the U.S. military, although allowing officers and soldiers to communicate with their families and folks back home through online video chat and email, will strictly examine and inspect the contents. At the same time, U.S. military personnel are absolutely prohibited from opening online blogs, especially soldiers who are performing military tasks. Other military personnel should not mention weapons or the use of troops in the blogs, or publish comments on daily military operations wherever they are.

To effectively respond to network attacks and ensure national network security, every two years since 2006, the U.S. has held a “Cyber Storm” exercise to comprehensively test national network security and overall combat capability. The 2006 “Cyber Storm I” and 2008 “Cyber Storm II” exercises were mainly aimed at testing U.S. network security and emergency response capacity.

In 2010, “Cyber Storm Ⅲ” was held. It simulated a large-scale network attack against critical U.S. infrastructures, with the aim of testing the U.S.’s important agencies’ collaborative response capacity when faced with an attack. Several thousand participants came from 7 Cabinet departments including the Department of Homeland Security, Commerce, Defense, Energy, Justice, Transportation, and Treasury; industrial sectors including finance, chemistry, communications, dams, defense, information technology, nuclear energy, transportation and water resources; 60 private enterprises in 11 states; as well as 12 international partners including Australia, Canada, France, Germany, Hungary, Italy, Japan, and the U.K.

Network Psychological Warfare – Deliver Information That Attacks Hearts and Minds via a Well-developed Internet to Trigger a “Butterfly Effect”

Network psychological warfare is a psychological game launched in cyberspace, also known as “spiritual politics.” It is an extension and development of traditional psychological warfare in cyberspace.

It is noteworthy that network psychological warfare has expanded its targets from the military to civil society, to create a “Butterfly Effect,” thereby meeting political objectives directly. A meteorologist used a metaphor that “In a South American rain forest in the Amazon Basin, the occasional few flaps of the wings of a butterfly could cause a tornado in Texas in the United States two weeks later.” This is the famous “Butterfly Effect,” which refers to the theory that small changes in an initial condition can bring about a long term and huge chain reaction in the whole system. The network is the best testing ground for this effect: any single piece of information is likely to evolve into an uproar through a well-developed Internet. The U.S.’s new book War 2.0 clearly emphasizes that the final battle in the war of information is the battle over public opinion. The political turmoil in the Middle East and North Africa is the overt expression of this form of struggle.

Compared to previously, the functionality of today’s cyberspace has greatly expanded. The integration of television networks, telephone networks, and data networks, as well as the interaction of cell phones, blogs, and podcasts, have created a powerful media line-up. Cyberspace has become the barometer of people’s thoughts and feelings, a source for the dissemination of focal events, the main battlefield of public opinion, the wrestling arena for diverse cultures, and the testing ground for the “color revolution.” All real world information is refracted and projected into the online virtual world. Every twinkle and smile in the virtual world has a profound impact on the real world. The recent political turmoil in the Middle East and North Africa is called “a revolution triggered by a basket of fruit,” from which we can see (the progression on) a road map: a street vendor’s self-immolation – WikiLeaks’ disclosure of the President’s corruption – the fermentation of public opinion – an online “social networking platform’s” proliferation of public opinion – people took to the streets – the security situation out of control – the situation radiates to the neighboring countries – the Western powers’ intervention – the domino effect starts – the military strikes in Libya.

Integrated Network and Electronic Warfare – with development of the wireless network, the limitations of cable transmission on cyber warfare have been transcended.

Cable transmission usually limits network warfare. With the development of the wireless network, cyber space and electromagnetic space have gradually integrated. This limit has been overcome.

Integrated network and electronic warfare is a military confrontation that targets the enemy’s battlefield network and attacks and destroys the system. It entails energy suppression at the signal level, protocol attacks at the network level, and spoofing at the information level. The U.S.’s “Suter” system is a typical case of network and electronic warfare integration. By improving and enhancing the currently active-duty RC-135 electronic reconnaissance aircraft, the EC-130H electronic communications jamming aircraft, and the F-16CJ fighter (including electronic warfare hanging compartment), it realizes a high degree of integration of electronic warfare, cyber warfare, and destruction of physical objects. The U.S. troops tested Suter 1, Suter 2, and Suter 3 respectively in the 2000, 2002, and 2004 “Joint Expeditionary Force Exercises” (JEFX). In 2006, Suter 4 was not tested, probably due to the wars in Iraq and Afghanistan but was, instead, directly used in combat. In 2008, Suter 5 was tested in the JEFX.

So far, the outside world knows little about the “Suter” system. On September 6, 2007, the Israeli Air Force’s non-stealth fighter, with the “Suter” system, successfully broke into Syrian airspace and bombed a target. In this operation, the Israeli Air Force first attacked a Syrian radar station at Tall al-Abuad close to its border with Turkey. The entire Syrian radar system was then completely paralyzed for some time. Eighteen F-16I fighter planes of the Israeli Air Force 69th Fighter Squadron took this opportunity to cross the border, fly along the Syrian coast at low altitude toward a large building about 100 kilometers west to the Syrian border and 400 kilometers northeast of Damascus, and carry out a precision bombing. They then flew back along the original route undetected. The whole world was stunned. Presumably, the success was mainly because the Israeli Army used technology similar to the U.S. “Suter” technology, successfully invaded the Syrian air defense radar network, “took over” control, and caused its air defense system to fail.

Network warfare is devastating. Its implementation matters for the country’s safety and survival.

Although the main theme of the current era is peace and development, the specter of cyber warfare has been hovering over all of society, and the haze of war seems ever heavier. Network warfare is shifting from a background operation into a foreground operation, and from playing a supportive to a leading role. Independent operations may use it to achieve political and military purposes or joint operations may use it along with conventional actions to achieve their objectives.

Network warfare forces have increasingly caught the world’s attention. The U.S. has taken the lead in establishing the world’s first full-time Cyber Command so as to compete for network control. Other countries are following suit and sparing no effort to develop a cyber warfare force. At this juncture, many forces use cyberspace to vie against each other.

However, just as a nuclear war was the strategic threat in the industrial age, network warfare is the strategic threat in the information age. Its ability to cause massive devastation makes it a prime concern for a country’s safety and survival. Facing this enormous challenge, on the one hand, we need to understand that the emergence of cyber warfare is an inevitable social development and a new way to wage war in the information era, and that we must actively adapt to it. On the other hand, we must also see that the world’s peace loving people and governments are bound to take action to resist the development of confrontations in cyberspace and the cyber arms race, and that “cyber arms control,” like “nuclear arms control,” will come into being to put a lock on this “Pandora’s” box. In this regard, China should attach great importance to cyber security and show the world that we are serious about building a “protective cyber field” and maintaining “cyber sovereignty.” We will also join the progressive forces and actively participate in the cause of the peaceful use of the Internet to ensure a healthy and orderly cyber world.

(Author’s workplace: PLA Academy of Military Sciences)

Endnotes:
[1] China Youth Daily, “Fight A Cyber War, How?” June 3, 2011.
http://zqb.cyol.com/html/2011-06/03/nw.D110000zgqnb_20110603_1-09.htm.
[2] International Strategy for Cyberspace, May 2011.
http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf