March 31, 2015: Strategy Page
After years of denying any involvement in Cyber War or having organized units for that sort of thing, China suddenly admitted that it was all true. This was all laid out in the latest (March 2015) issue of a Chinese military publication (The Science of Military Strategy). This unclassified journal comes out about once a year and makes it possible for all Chinese military and political leaders to freely discuss new military strategies. The March edition went into a lot of detail about Chinese Cyber War operations. Most of these details were already known for those who could read Western media. Many details of Chinese Cyber War activities are published in the West, if only to warn as many organizations as possible of the nature and seriousness of the threat. Apparently the Chinese leadership decided that the secrecy about their Cyber War activities was being stripped away by foreigners anyway so why bother continuing to deny. Publish and take a victory lap.
Since the 1990s China has continued to expand its enormous Internet Army (as it is called in China). Not all these programs are successful. For example since 2011 there has been an effort to force companies to organize their Internet savvy employees into a cyber-militia and inspire these geeks to find ways to protect the firm's networks. But by 2013 it was clear this project was not turning out exactly as expected, as many of the volunteers had become successful, but unpopular, censors. It’s now widely accepted that one of the most annoying things for the new Chinese middle class is the censorship (especially on the Internet). The most annoying censorship is the online version that is carried out by paid and volunteer censors at your company or in your neighborhood. This use of “local activists” to control discussions and inform on possible troublemakers (or worse, like spies or criminals) is an old Chinese custom and one that was highly refined by the 20th century communists (first the Russians, who passed it on to their Chinese comrades). The old-school informer network suffered a lot of desertions and other damage during three decades of economic freedom. But the government has been diligent about rebuilding the informer and censor network online, where it’s easier for the busybodies to remain anonymous and safe from retribution. The on-line informers are also useful for keeping an eye on foreign businesses.
Internal and external espionage is one of the main reasons the Chinese government took an interest in the Internet back in the 1990s. This resulted in nearly two decades of effort to mobilize the Chinese people as an Internet army. It was in the late 1990s that the Chinese Defense Ministry established the "NET Force." This was initially a research organization, which was to measure China's vulnerability to attacks via the Internet. Soon this led to examining the vulnerability of other countries, especially the United States, Japan, and South Korea (all nations that were heavy Internet users). NET Force has continued to grow, aided by plenty of volunteers.
In 1999, NET Force organized an irregular civilian militia, the "Red Hackers Union" (RHU). These are several hundred thousand patriotic Chinese programmers and Internet engineers who wished to assist the motherland and put the hurt, via the Internet, on those who threaten or insult China. The RHU began spontaneously (in response to American bombs accidentally hitting the Chinese embassy in Serbia), but the government gradually assumed some control, without turning the voluntary organization into another bureaucracy. Various ministries have liaison officers who basically keep in touch with what the RHU is up to (mostly the usual geek chatter) and intervene only to "suggest" that certain key RHU members back off from certain subjects or activities. Such "suggestions" carry great weight in China, where people who misbehave on the web are very publicly prosecuted and sent to jail. For those RHU opinion-leaders and ace hackers that cooperate, there are all manner of benefits for their careers, not to mention some leniency if they get into some trouble with the authorities. Many government officials fear the RHU, believing that it could easily turn into a "counter-revolutionary force." So far, the Defense Ministry and NET Force officials have convinced the senior politicians that they have the RHU under control. Meanwhile, the hackers (or “honkers” after the Chinese word for “visitor”) became folk heroes and the opportunity to join your company’s contingent of the “Online Red Army” appealed to many as a chance to be like the honkers.
NET Force was never meant to be just volunteers. Starting in the late 1990s, China assembled the first of what eventually grew to 40,000 Ministry of Public Security employees manning the Golden Shield Project (nicknamed as The Great Firewall of China). This was an effort to monitor and censor Internet use throughout the country and punish those who got out of line. In the last decade, over a billion dollars has been spent on this effort. While the Great Firewall cannot stop someone who is expert at how the Internet works but it does greatly restrict the other 99 percent of Internet users. And it provides a lot of information about what is going on inside all that Internet traffic. Foreign intelligence agencies are beginning to find the Great Firewall of China is going from nuisance to obstacle. This has put government intelligence organizations in a difficult position. In the U.S. the feds feel compelled to seek assistance from, and work with, hackers who are developing new ways to tunnel through the Golden Shield. There are several non-governmental outfits that are involved with this effort, and most are hostile to intelligence agencies. Nevertheless, some relationships have been formed, to deal with mutual problems.
It's not only the intel agencies who are keen to learn their way around, and through, the Great Firewall. Cyber War organizations see the Great Firewall as a major defensive weapon as well. The Chinese have a much better idea of what is coming into their country via the Internet, and that makes it easier to identify hostile traffic and deal with it. Some American Cyber War officials are broaching the idea of building something like Golden Shield, just for military purposes. But that would be difficult in most Western countries because of privacy issues. But with Golden Shield China could unleash worms and viruses on the Internet and use their Great Firewall to prevent Chinese systems from becoming as badly infected. China needs every advantage it can get because it has the worst protected, and most infected, PCs in the world. This is largely the result of so many computers using pirated software and poorly trained operators. Meanwhile, the thousands of people running the Golden Shield are gaining valuable experience and becoming some of the most skillful Internet engineers on the planet.
The Chinese military also has a growing number of formal Cyber War units, as well as military sponsored college level Cyber War courses. Western Internet security companies, in the course of protecting their customers, have identified a growing number of Chinese hacking organizations. Some work directly for the military, secret police or other government agencies. These Cyber War units, plus the volunteer organizations and Golden Shield bureaucrats apparently work closely with each other and have provided China with a formidable Cyber War capability. NET Force, with only a few thousand personnel, appears to be the controlling organization for all this. With the help of RHU and Golden Shield, they can mobilize formidable attacks, as well as great defensive potential. No other nation has anything like it and now the Chinese are bragging about it.