The Chinese military has targeted US government computers with intrusions that seek sensitive data, according to a report in which the Pentagon for the first time directly accuses China of a cyber espionage campaign.
The incursions “appear to be attributable directly to the Chinese government and military,” the Pentagon said yesterday in a report to US lawmakers on security issues involving China. The information targeted could be used to bolster China’s defense and technology industries and to support military planning, the Defense Department report said. “China is using its computer network exploitation capability to support intelligence collection against the US diplomatic, economic, and defense industrial base sectors that support US national defense programs,” according to the report.
The Pentagon attribution of hacker attacks to China highlights an issue that has emerged as a source of friction in relations between the two countries. It was part of a broader annual report to Congress covering security challenges arising from China.
China filed a protest with the US over the report and rejects “groundless accusations and hype,” Foreign Ministry spokeswoman Hua Chunying told a briefing in Beijing today. The report’s assertions are irresponsible and harmful to trust between the U.S. and China, Wang Xinjun, a researcher with the Academy of Military Sciences at the People’s Liberation Army, told the official Xinhua News Agency.
QinetiQ Intrusions
“Although it is common sense that you cannot determine sources of cyber attacks only through IP addresses, some people in the Pentagon still prefer believing they are from China as they always bear a sense of rivalry,” Wang was quoted as saying. “It is an allegation based on presupposition.”
The Defense Department said it is investigating intrusions by Chinese cyberspies into the computer systems of defense contractor QinetiQ North America (QQ). For three years, hackers linked to China’s military infiltrated QinetiQ’s computers and compromised most if not all of the company’s research, which includes work on secret satellites, drones and software used by U.S. special forces in Afghanistanand the Middle East, Bloomberg News reported May 2.
“We are working very closely with QinetiQ to determine exactly the scope and breadth of this incident,” Pentagon spokesman Army Colonel Steve Warren told reporters on May 3. Jennifer Pickett, a spokeswoman for McLean, Virginia-based QinetiQ North America, didn’t immediately respond to e-mail and phone messages seeking comment about the Pentagon’s probe.
Beyond Taiwan
In its annual report, the Defense Department also said that China is looking beyond its decades-old territorial dispute with Taiwan as it modernizes its military, according to the report titled “Military and Security Developments Involving the People’s Republic of China 2013.” While preparing for a potential conflict in the Taiwan Strait appears to remain China’s principal focus, China is seeking to expand its influence to conduct counter-piracy and humanitarian assistance missions as well as regional military operations, the Pentagon found.
‘Greater Influence’
“As China’s interests have grown and as it has gained greater influence in the international system, its military modernization has also become increasingly focused on investments in military capabilities to conduct a wider range of missions beyond its immediate territorial concerns,” the Pentagon report said.
The PLA’s engagement with the militaries of other nations “continues to grow significantly,” the Pentagon said. Such interaction helps China share and gain insight into doctrines, strategies, tactics and techniques, according to the report.
The Defense Department’s report comes as President Barack Obama’s administration pursues a strategic “pivot” to the Asia-Pacific, bolstering U.S. naval and other resources in the region. The administration has said China shouldn’t view the change as an effort to contain its growing presence and assertiveness.
Among the developments singled out in the Pentagon report was China’s fielding of “a limited but growing number of conventionally armed, medium-range ballistic missiles.”
Large Ships
One of those is the DF-21D anti-ship missile, described in the report as having a range of 1,500 kilometers (932 miles) and being capable of attacking “large ships, including aircraft carriers, in the western Pacific Ocean.” It’s not clear how many missiles China has deployed or where they are located, said David Helvey, the U.S. deputy assistant secretary of defense for East Asia. “We are concerned about the ability of China to develop missiles that can project its military power with precision at great distances from China,” Helvey said at a Pentagon news conference yesterday on the report. In combination with other weapons systems, China is gaining the capability to deny the U.S. a military presence in the western Pacific, he said. China is carrying out a “moderate and necessary defense buildup” to protect its independence and sovereignty, Hua said at the briefing today. While China will boost its defense spending 10.7 percent this year, military outlays are still about six times more in the US.
Cyber Espionage
The Pentagon report’s findings on cyber espionage echo remarks made two months ago by US National Security Adviser Tom Donilon, who said China was engaged in a “large scale” cybercampaign to steal trade secrets and intellectual property. The Chinese army may be behind the hacking of at least 141 companies worldwide since 2006, according to a Feb. 19 report from Alexandria, Virginia-based Mandiant Corp.
Donilon, who helps shape US foreign policy, said in a March 11 speech that China needs to recognize the scope of the hacking issue, take steps to halt computer espionage and start a “constructive dialogue” with the US on the matter.
Hua, China’s Foreign Ministry spokeswoman, said China is also concerned about cybersecurity and is willing to work with the US on the issue.
The Obama administration, as part of its fiscal 2014 budget request, is seeking to increase total US government spending on cybersecurity to $13 billion, about $1 billion more than current levels.
