Cyber warfare could be as devastating as a nuclear attack, and China is leading the way, reports Humphrey Hawksley. Like the rest of the world, other Asian nations are racing to catch up.
When the history of cyber warfare comes to be written, the first high-profile strike may be recorded as having taken place on April 16 this year, the day a North Korean missile blew up seconds after it left the ground.
Pyongyang carried out the much-heralded launch while exchanging threats with Washington at the end of commemoration ceremonies for the 105th birthday of its founding dictator, Kim Il-sung. The weaponry on display, if it was real and worked, was designed to show that North Korea could strike South Korea, Japan and further afield.
Defence industry analysts have suggested that the cause of the missile’s failure might not have been malfunctioning North Korean technology, but a US cyber-attack, part of an operation ordered by President Barack Obama during his second term in office.
Cyber warfare uses computer technology in three main areas: espionage, to steal secrets; propaganda, to manipulate public opinion; and, as would be the case here, a weapon against military networks.
The North Korean test is thought to have been for a K-17 medium-range anti-ship missile, known in Pentagon jargon as a carrier buster, which, if it worked, would threaten US naval power in the western Pacific. The cyber strike against it would have needed a forensic level of skill to infiltrate the missile’s electronic systems at launch. The operation would have been run through the US Cyber Command, which was set up in 2009 as a unit within America’s National Security Agency.
America also has a domestic equivalent, with the Computer Emergency Readiness Team created in 2003 as part of Homeland Security.
‘There is a very strong belief that the US, through cyber methods, has been successful on several occasions in interrupting these sorts of tests and making them fail,’ said the former British Defence Secretary, Sir Malcolm Rifkind, who also chaired Britain’s parliamentary committee on intelligence and security. His suggestion, if correct, not only calls into question the viability of the North Korean nuclear and missile programmes, but has wider ramifications.
On one hand, it opens up the possibility of the US neutralising North Korea’s progress towards nuclear weapons, without having to resort to military strikes. On the other, as rival governments invent more powerful cyber weaponry, it creates futuristic threats of crippled water and power supplies, trains veering off rails, planes dropping out of the sky and other dystopian scenarios.
Until recently, it had been assumed that the most effective way to counter a missile was to intercept it in mid-air with another missile, like a bullet hitting another bullet. But in 2014, the Obama administration concluded that this would guarantee very little security. Even in non-combat conditions, some tests had produced a failure rate of more than 50 per cent. In actual conflict, that would be much higher, so Obama turned to cyber methods.
There was an earlier cyber-attack in 2009 on Iran’s nuclear programme at its Natanz complex. But that was against a stationary target, and the infiltration was carried out over several months. Almost certainly the work of the US and Israel, malicious software, known as Stuxnet, damaged centrifuges used for uranium enrichment. The result was that, faced with military or cyber strikes, Iran agreed to the 2015 US-led deal aimed at ensuring an end to any nuclear weapons programme.
But in contrast to its military supremacy, the US is far from the predominant player in the increasingly sophisticated theatre of cyberwarfare. In his book, iWar: War and Peace in the Information Age (Threshold, 2017), security specialist Bill Gertz names China as the main threat, giving details of repeated attacks by its military cyberwarfare units on American companies and government departments.
Among the stolen sensitive information has been air-refuelling schedules for the US Pacific Command, from which China could learn details of aircraft capabilities. It has also taken information on navigation, tracking and anti-aircraft systems, designs for nuclear submarines and sensitive records of thousands of military officers, including log-in names and passwords.
Gertz identifies two specific Chinese cyberwarfare units. One is Unit 78020, operating out of the Chengdu military region, whose responsibility is Asia. In one blitzkrieg-style attack, this unit used 1,236 IP addresses across 26 cities to hit 10 South-East Asian countries. The strikes have been particularly active when South China Sea tensions are rising, a tactic combined with China’s use of its trade power to make clear to weaker Asian governments the benefits of keeping on the right side of Beijing.
‘The Chinese have been in this game for 15 years,’ says Dmitri Alperovitch, founder of CrowdStrike, a California-based security company. ‘They are head and shoulders above everybody else.’
The second unit, numbered 61398, based in a nondescript office block in Shanghai, concentrates on America. In 2014, Washington took the extreme measure of indicting five named staff of the unit for cyber-crime against corporations including Westinghouse, Alcoa and US Steel. ‘For too long, the Chinese government has blatantly sought to use cyber espionage to obtain advantage for its state-owned industries,’ the FBI Director, James Comey, said at the time. ‘The indictment… is an important step.’
There was little chance of bringing the suspects to court, but for a brief time the attacks dropped off. Then, the following year, they resumed with a vengeance. Hackers stole records of 22 million current and former federal employees of the US Office of Personnel Management, including fingerprints, background checks and other personal details. Many worked in security and defence areas.
‘China already has infiltrated US information networks on a grand scale,’ writes Gertz, ‘and is believed to be preparing for future warfare that will involve computer-based attacks capable of shutting down US electrical power grids… thus crippling our ability to function as a nation.’
North Korea, too, has invested heavily in cyberwarfare, but is far behind the US in military cyber capability. Its most high-profile attack came in 2014 on Sony Pictures Entertainment, based in Los Angeles, aimed at stopping a comedy movie, The Interview, that made fun of the young leader Kim Jong-un. The strike was orchestrated by Unit 121 of North Korea’s Cyber Warfare Guidance Bureau, headquartered in Pyongyang. According to Gertz’s intelligence sources, it has 1,200 cyberwarfare specialists and a hacking militia totalling about 6,000.
Much of Asia has been left playing catch-up to China and North Korea. Taiwan has only now announced it will be launching a ‘fourth military service’ for cyber warfare later this year. Japan, too, only created a dedicated agency, the Cybersecurity Strategy Headquarters, in 2015.
In India and Pakistan, whose cyber-attacks against each other are routine, the divide between state-controlled and private hackers is opaque. Unlike the US and China, neither government has yet created an official military unit, but in a crisis, Pakistan’s special relationship with China could give it an advantage that India is a long way from countering. In 2015 India announced, in answer to a parliamentary question, that it would be allocating the rupee equivalent of $120 million over five years to reinforce cyber security, but that is a pittance considering the rapidly rising threat. At present, say experts, India would be crushed by China in a full-on cyber war.
In the Cold War, superpower conflict was deterred through the concept of mutually assured destruction, the fear that a nuclear exchange would destroy life as we know it. The cyber superpowers, at present, are the US, China, Russia, Israel and Britain, reflecting an established world order of military balance, with Iran and North Korea the wild cards. How deterrence works in this type of warfare is yet to be determined – Gertz writes of cyberwarfare ‘disrupting society in ways we have yet to fully fathom’.
A cyber assault could become a singular destructive force similar to a nuclear attack, ending our way of life as we know it. But it could also be used in a more nuanced and incremental way. If it could neutralise hard weapons of the battlefield, as in a failed North Korean missile test, it might be a crucial tool for negotiations to prevail over war.