Chinese Cyber Snooping & Disruption

Chinese Cyber Snooping & Disruption

By B. Raman

In recent months, there has been considerable focus----rightly so--- on Chinese cyber snooping and disruption. The intensified debate on the subject started in Governmental circles of the West----particularly in the US----- and has since been given greater credibility by Google's open allegations against the Chinese of indulging in cyber snooping against anti-Beijing political dissidents and Tibetan nationalists patronising Google Mail. It has been reported that the Chinese cyber snooping and disruption attempts were orchestrated in such a manner as to make it appear that they originated from servers in Taiwan. Google claims to have established that they actually originated from China.

2. The Chinese authorities have countered this by flatly denying these allegations and by making counter-allegations of US cyber snooping and disruption attacks directed at China by using servers allegedly in Iran. They have also been disseminating stories of the close links of Google with the administration of President Barack Obama. They have alleged that Mr. Eric Schmidt, the CEO of Google, was among the first to endorse the Presidential bid of Mr. Obama, that Google was the fourth largest corporate contributor to Mr. Obama's funds for the Presidential campaign and that its CEO acts as an adviser on science and technology to Mr. Obama. The attempted Chinese insinuation is that Google and the Obama Administration are acting in tandem in their attempts to create fears about the Chinese cyber capabilities and that the entire campaign is motivated---politically as well as commercially.

3. India as the neighbour of China with a long-pending border dispute with that country and as an aspirant for a leading position in Asia on par with China----an aspiration not liked by Beijing--- has to take note of the increasing reports on the Chinese interest in the use of the cyber space for advancing its national interests. Modernisation of its information warfare capabilities has been an important component of China's military modernisation ever since the first Gulf war of 1991.

4. The Gulf war of 1991 and the US-led military campaign in Iraq in 2003 showed that in modern wars between States, the decisive blows may come in the very beginning if one has the capability to render the adversary information-blind by disrupting, if not destroying, the adversary's information systems. With its information networks paralysed, Saddam Hussein's Army had to literally grope in the dark in its futile attempts to stop the US advance.

5. If the Iraq war demonstrated the decisive role played by information warfare capabilities in a military campaign against a State adversary, the US-led military campaign against Al Qaeda and the Taliban in the Af-Pak region for nine years now has demonstrated that modern information warfare capabilities cannot be decisive against a non-State adversary, not dependent on networked information systems. The Taliban and Al Qaeda have been able to use the Internet for their own campaigns without creating a dependence on them which could increase their vulnerability. As a result, the USA's superior information warfare capabilities have been of very little use to it in its military campaign in the Af-Pak region.

6. Two concerns have been the driving force of the feverish Chinese acquisition of information warfare capabilities since 1991. The first concern relates to Taiwan. They are worried that in the event of a military conflict Taiwan may do unto them what the US did unto Saddam Hussein's Army. China's protective cyber security architecture is meant to defend their networked systems from a surprise attack by Taiwanese information warriors----either acting on their own or with the collusion of the US. At the same time, they are acquiring an offensive information warfare capability against Taiwan. They are aware of their limitations vis-a-vis the US and do not have any pretensions of being able in the near future to disrupt the US information systems. Their interest in the case of the US is limited to collecting intelligence through the Internet and preventing cyber snooping and disruption by the US against China.

7. The second Chinese concern arises from the increasing use of the Internet by political dissidents to discredit the one-party rule and by the Tibetans and the Uighur separatists to destabilise Tibet and Xinjiang. The disturbances in Tibet two years ago and in Xinjiang last year added to the Chinese alarm. Even before these disturbances, the Chinese have been paying attention to creating in their intelligence agencies a capability for cyber intelligence and counter-intelligence and disruption through cyber covert actions. The alleged Chinese attacks against Google seem to have been an outcome of the aggressive Chinese attempts to strengthen their information warfare capabilities against non-State actors to strengthen their internal security.

8. The capabilities, which the Chinese have been developing since 1991 primarily for use against Taiwan and non-state actors, can be used with equal ease against our own information systems as well as those of the US and other countries. Normally, information warfare capabilities are of universal application. They are not nation or adversary specific. However, offensive architectures have to be developed in a country-specific manner even though ultimately they become amenable to universal application. Similarly, protective architectures are of universal application. If one develops a comprehensive protective architecture it can be used to defend oneself against any power----whether China or Pakistan or the US or any other country.

9. India's needs are: Firstly, a protective architecture, which can protect us from cyber attacks of any origin; secondly, an offensive architecture, which could give us a first strike capability against China and Pakistan in the case of a war with either or both of them and thirdly, a cyber intelligence, counter-intelligence and covert action capability for use against State and non-State actors in times of peace as well as military conflict.

10. Having been a pre-eminent information technology power of Asia for many years, India could have had a head-start over China in developing information warfare capabilities----offensive and defensive. However, we were slow to draw the right lessons from the Gulf war of 1991 and remiss in launching a project for acquiring the required capabilities. My own assessment is that we are at least eight to 10 years behind China in developing our information warfare capabilities. If at least now we show a determination to catch up with China and find the necessary financial and human resources, we should be able to do so.

11. In developing our protective architecture, we should not be over-focussed on China and possibly Pakistan. We should be conscious of likely dangers of penetration of our information systems by the agencies of other countries not for aggressive purposes but for collecting intelligence. Countries such as the US have been in this game for longer than China and have better capabilities than the Chinese. The fact that the Chinese are getting caught or exposed frequently shows that there are still deficiencies in their capabilities and that their deniability is still weak. The fact that there have been fewer instances of the US being detected cyber snooping shows that its capabilities and deniability are stronger than those of China. It does not show that the US is a saint in the game of cyber snooping and disruption.

(The writer is Additional Secretary (retd), Cabinet Secretariat, Govt. of India, New Delhi, and, presently, Director, Institute For Topical Studies, Chennai. He is also associated with the Chennai Centre For China Studies. E-mail: seventyone2@gmail.com)